db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Matrigali <mikem_...@sbcglobal.net>
Subject Re: Question regarding DERBY-4208 Parameters ? with OFFSET and/or FETCH
Date Thu, 09 Jul 2009 17:02:00 GMT
I would rather wait for an approved standard so that we don't later
get caught with apps depending on a non-standard behavior that we
might want to change in the future to meet a standard.

 From the provided info it does not even look like there is a defacto
standard adopted by multiple db's.

/mikem

Dag H. Wanvik wrote:
> Hi folks,
> 
> I have a working patch sitting on DERBY-4208. I am wondering if this
> is a fix we should consider including for 10.5.2?
> 
> The pro argument is that this is a usability issue, and to the extent
> it forces the app to construct SQL on the fly, makes the app more
> vulnerable to injection attacks, at least in theory. A user has asked
> for it.
> 
> On the contra side, we have the fact that dynamic arguments are not
> allowed by the SQL standard for this construct, at least not yet.
> 
> Personally I think it's a nice extension.
> 
> Thoughts?
> 
> Dag
> 



Mime
View raw message