- From: Jim Jewett <jimjjewett@gmail.com>
- Date: Fri, 9 Nov 2007 14:08:15 -0500
- To: public-html@w3.org
- Cc: ian@hixie.ch
Ian Hickson answered: > As far as the question mark placeholders go, it's > actually well-defined -- the spec says that the > placeholders must be used in place of literals. Having read this explanation, I now see that. On first reading, I assumed it was referring to (javascript string) literals that would be substituted in. Could you clarify: """ 2. Parse the first argument to the method (sqlStatement) as an SQL statement, with the exception that ? characters can be used in place of literals in the statement. [SQL] """ perhaps into """ Parse the first argument to the method (sqlStatement) as an SQL statement. [SQL] The SQL dialect embedded by HTML5 supports use of a question mark character (?) to indicate a dynamic parameter. Note that the ? is limited to replacing SQL literals; it does not provide arbitrary (or printf-style) string interpolation. """ This still leaves open whether the statement has to actually be PREPAREd, and whether other parameter types or host variables are supported. Hopefully, it does make clear that you can't just use the ? for pasting together random strings. It would also be good to have an example, so that people (like me) won't wonder whether to use '?' instead of ?. -jJ
Received on Friday, 9 November 2007 19:08:51 UTC