mirror of
https://github.com/RGBCube/serenity
synced 2025-07-25 18:17:44 +00:00
LibSQL: Parse and execute sequential placeholder values
This partially implements SQLite's bind-parameter expression to support indicating placeholder values in a SQL statement. For example: INSERT INTO table VALUES (42, ?); In the above statement, the '?' identifier is a placeholder. This will allow clients to compile statements a single time while running those statements any number of times with different placeholder values. Further, this will help mitigate SQL injection attacks.
This commit is contained in:
parent
53f8d62ea4
commit
b2b9ae27fd
10 changed files with 154 additions and 30 deletions
|
@ -171,6 +171,7 @@ namespace SQL::AST {
|
|||
__ENUMERATE_SQL_TOKEN("_blob_", BlobLiteral, Blob) \
|
||||
__ENUMERATE_SQL_TOKEN("_eof_", Eof, Invalid) \
|
||||
__ENUMERATE_SQL_TOKEN("_invalid_", Invalid, Invalid) \
|
||||
__ENUMERATE_SQL_TOKEN("?", Placeholder, Operator) \
|
||||
__ENUMERATE_SQL_TOKEN("&", Ampersand, Operator) \
|
||||
__ENUMERATE_SQL_TOKEN("*", Asterisk, Operator) \
|
||||
__ENUMERATE_SQL_TOKEN(",", Comma, Punctuation) \
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue