On Jul4, 2010, at 11:59 , Pavel Stehule wrote:
> 2010/7/4 Florian Pflug <fgp@phlo.org>:
>> On Jul4, 2010, at 08:41 , Pavel Stehule wrote:
>>> I enhanced DO statement syntax to allowing a parameters. Syntax is
>>> relative simple:
>>>
>>> do ([varname] vartype := value, ...) $$ ... $$
>>
>> I think it'd be more useful to put the values at the very end of the statement, not somewhere in the middle. For
positionalparameters I envision
>>
>> do (vartype, ...) $$ ... $$ using value, ...
>>
>> and for named parameters it'd be
>>
>> do (varname vartype) $$ ... $$ using varname := value, ...
> Your syntax is longer and less readable (my personal view). With
> proposed syntax it is ensured so every parameter has a value. Next -
> my syntax is reflecting fact, so these are not true parameters - it's
> +/- similar to default values of function parameters.
Yeah, with your syntax omitting a value is syntactically invalid, while with mine it'd parse OK and fail later on. But
Ifail to see the drawback of that. I do agree that my suggestion is slightly more verbose, but it think thats
compensatedby the increase in usefulness.
> I understand to your motivation - but you can use a printf command and
> do it same work.
Sure. But by the very same argument, printf makes DO-block parameters redundant as a whole.
> or better and safer - use a psql variables (it is preferred solution)
I don't really buy that argument. By using a psql variable, you simply move the quoting & escaping business from SQL to
theshell where psql is called. True, you avoid SQL injectiont, but in turn you make yourself vulnerable to shell
injection.
best regards,
Florian Pflug