[html5] r1051 - /
whatwg at whatwg.org
whatwg at whatwg.org
Thu Oct 11 22:36:27 PDT 2007
Author: ianh
Date: 2007-10-11 22:36:26 -0700 (Thu, 11 Oct 2007)
New Revision: 1051
Modified:
index
source
Log:
[] (0) Define how ? replacement works in sql statements better. Suggestions on making it EVEN better are welcome.
Modified: index
===================================================================
--- index 2007-10-11 23:32:14 UTC (rev 1050)
+++ index 2007-10-12 05:36:26 UTC (rev 1051)
@@ -22,7 +22,7 @@
<h1 id=html-5>HTML 5</h1>
- <h2 class="no-num no-toc" id=working>Working Draft — 11 October 2007</h2>
+ <h2 class="no-num no-toc" id=working>Working Draft — 12 October 2007</h2>
<p>You can take part in this work. <a
href="http://www.whatwg.org/mailing-list">Join the working group's
@@ -30179,15 +30179,20 @@
<ol>
<li>
<p>The first argument to the method (<var title="">sqlStatement</var>)
- must be interpreted as an SQL statement, replacing any <code
- title="">?</code> placeholders in the statement with the values given in
- the subsequent arguments (<var title="">arguments...</var>).</p>
+ must be interpreted as an SQL statement, with the exception that <code
+ title="">?</code> characters can be used in place of literals in the
+ statement.</p>
- <p>If the syntax of <var title="">sqlStatement</var> is not valid, or the
- statement uses features that are not supported (e.g. due to security
- reasons), then the the method must raise a <code>SYNTAX_ERR</code>
- exception and abort these steps.</p>
+ <p>The <code title="">?</code> placeholders, as the statement is
+ executed, must each take the value of their corresponding argument (from
+ <var title="">arguments...</var>, in the same order).</p>
+ <p>If the syntax of <var title="">sqlStatement</var> is not valid (except
+ for the use of <code title="">?</code> characters in the place of
+ literals), or the statement uses features that are not supported (e.g.
+ due to security reasons), then the the method must raise a
+ <code>SYNTAX_ERR</code> exception and abort these steps.</p>
+
<p>If the number of <var title="">arguments...</var> is not equal to the
number of <code title="">?</code> placeholders in the statement, then
the method must raise a <code>SYNTAX_ERR<!-- XXX
Modified: source
===================================================================
--- source 2007-10-11 23:32:14 UTC (rev 1050)
+++ source 2007-10-12 05:36:26 UTC (rev 1051)
@@ -27796,15 +27796,20 @@
<p>The first argument to the method (<var
title="">sqlStatement</var>) must be interpreted as an SQL
- statement, replacing any <code title="">?</code> placeholders in
- the statement with the values given in the subsequent arguments
- (<var title="">arguments...</var>).</p>
+ statement, with the exception that <code title="">?</code>
+ characters can be used in place of literals in the statement.</p>
- <p>If the syntax of <var title="">sqlStatement</var> is not valid,
- or the statement uses features that are not supported (e.g. due to
- security reasons), then the the method must raise a
- <code>SYNTAX_ERR</code> exception and abort these steps.</p>
+ <p>The <code title="">?</code> placeholders, as the statement is
+ executed, must each take the value of their corresponding argument
+ (from <var title="">arguments...</var>, in the same order).</p>
+ <p>If the syntax of <var title="">sqlStatement</var> is not valid
+ (except for the use of <code title="">?</code> characters in the
+ place of literals), or the statement uses features that are not
+ supported (e.g. due to security reasons), then the the method must
+ raise a <code>SYNTAX_ERR</code> exception and abort these
+ steps.</p>
+
<p>If the number of <var title="">arguments...</var> is not equal
to the number of <code title="">?</code> placeholders in the
statement, then the method must raise a <code>SYNTAX_ERR<!-- XXX
More information about the Commit-Watchers
mailing list