r3wp [groups: 83 posts: 189283]
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

World: r3wp

[MySQL]

Dockimbel
1-May-2007
[867x2]
I see that rebol.org has improved a lot. Good work guys!
Is there a top 10 most downloaded scripts ? (could be usefull to 
newcomers)
Sunanda
1-May-2007
[869]
There's a top 250 most popular scripts -- available if you are logged 
on:

http://www.rebol.org/cgi-bin/cgiwrap/rebol/script-popularity.r?top=250

The popularity rating is an imperfect attempt to factor out downloads 
by bots (and many other factors) and arrive at something meaningful.
Maxim
1-May-2007
[870]
wow glayout is in the top 10   :-)  I'm proud  :-)
Sunanda
1-May-2007
[871]
[maybe we should switch to Library -- we're off-topic for MySQL]
Dockimbel
1-May-2007
[872]
Can I upload a ZIP archive or does it require to upload only a single 
REBOL script ?
Sunanda
1-May-2007
[873]
{switching to Library to answer that]
Will
1-May-2007
[874]
great! Thanks Doc 8)
Dockimbel
1-May-2007
[875]
MySQL Driver for REBOL version 1.1.0 released.


    Changes : http://softinnov.org/rebol/mysql-usage.html#sect2.1.
    Download: http://rebol.softinnov.org/mysql/
TimW
4-May-2007
[876]
I really like the new preferred method.  Thanks for adding that.
Maarten
6-May-2007
[877x2]
Me too. Should we add /prevent-sql-injection with send/sql?
*send-sql
Dockimbel
6-May-2007
[879x2]
The prepared statements mode should protect from SQL injection : 
send-sql db [ "...?..." argument ]
I've hesitated between 'send-sql and 'do-sql. I've used 'do-sql for 
the Cheyenne/RSP database API, so the driver had 'send-sql.
Maarten
6-May-2007
[881]
even if 'argument is a SQL query in its own?
Dockimbel
6-May-2007
[882x4]
the query (string!) will be properly quoted and escaped, so it should 
do no harm.
for example :
argument: "SQL injection code"
send-sql db [ "SELECT * FROM table WHERE field like ?" argument ]

will produce 

 SELECT * FROM table WHERE field like 'SQL injection code' 
if 'argument itself, contains quotes, they will be escaped.
Maarten
6-May-2007
[886]
As always, smarter than I thought. And it is amazing what level of 
abstraction one can provide with so few lines of REBOL
Dockimbel
6-May-2007
[887]
You remind me that I should add a few lines about secure programming 
practices in the driver documentation.
Pekr
7-May-2007
[888x2]
Doc, I would try to apply to be listed here - http://www.mysql.com/products/connector/
note that there are also community drivers mentioned ...
Will
7-May-2007
[890x10]
now you can:
node: first send-sql/named db {select * from `node` where id=1 LIMIT 
0,1}
what about this?
node: db-get 'node [] {id=1}
and this:
db-get 'node [id name data] [{id=?} 1]
will send a query like:
{SELECT `id`,`name`,`data` FROM `node` WHERE id='1' LIMIT 0,1}
quoted columns.. 8)
column names
Will
13-May-2007
[900x4]
not sure but with latest mysql-driver
this works:
send-sql db ["INSERT INTO `engine` (`id`,`style`) VALUES 
('12',?)" "ciao;oo"]
will send {INSERT INTO `engine` (`id`,`style`) 
VALUES ('12','ciao;oo')}
this doesn't:
send-sql db "INSERT INTO `engine` (`id`,`style`) VALUES 
('12','ciao;oo')"
will send:
{INSERT INTO `engine` (`id`,`style`) 
VALUES ('12','ciao}
it worked before the new multiple statements feature
Dockimbel
13-May-2007
[904]
Interesting case, you're right, it may confuse the multistatement 
processing, I'll make a fix for that asap.
Will
13-May-2007
[905]
Thank you Dock!
Joe
19-May-2007
[906]
Hi Doc, When will you release the multi-statement fix ?
Dockimbel
20-May-2007
[907]
Hi Joe, I should have time tomorrow to make that fix.
Terry
22-May-2007
[908x2]
Am I missing something wihen querying multiple columns... seems I 
get the results as a single string.. 
ie: send-sql "select a, b from table";

returns something like     "aresultbresult" ?
nevermind
Dockimbel
22-May-2007
[910x2]
Beta release v1.1.1 with a fix for the semicolon issue in SQL strings 
: http://softinnov.org/tmp/mysql-protocol.r
Please let me know if there are still issues with multi-statements 
parsing.
Will
22-May-2007
[912]
Thank you Dock!
Dockimbel
26-May-2007
[913]
Public release of MySQL Driver v.1.1.1 (bugfix release) :

- Multi-statements queries parsing improved. Semi-colons included 
in quoted strings are now ignored.

- Email!, url! and other any-string! values are now correctly escaped 
in prepared statements.

- Empty block! values are now converted to "()" instead of "(NULL)".

http://rebol.softinnov.org/mysql
Will
8-Jun-2007
[914]
need help from mysql gurus ;-)  have this where clause:
WHERE MATCH (data) AGAINST ('"musˇe"' IN BOOLEAN MODE)

now here they say that doublecuoting should make the match accent-sensitive, 
but noo 8-(
http://forums.mysql.com/read.php?107,27969,29346#msg-29346
have set everything utf8 ..
thanks!
Dockimbel
16-Jun-2007
[915]
MySQL driver release v.1.1.2 Download at : http://rebol.softinnov.org/mysql

- Fix for an infinite loop issue when the server times out the connection 
(unix platforms).

- TCP keepalive option activated by default (for longstanding idle 
connections).

- Send-cmd function optimized to be a little bit faster and use less 
memory.
- Added new-lines markers to resulting recorsets.

- Added option to switch on/off new-lines marker through port/locals/newlines? 
flag.

- Recycle call removed from read-rows function. Should speed up the 
results a little bit.
- Minor source code cleanup.
Will
16-Jun-2007
[916]
GREAT NEW, a basis benchmark with about 50'000 queries runs in 2:52.26 
minutes and..