parameterization

tool for detecting non-parametrized sql in java jdbc code

I'm looking to inspect SQL statements in Java/jdbc code to ensure that the SQL to be executed is of acceptable quality. Neither PMD nor Findbugs appears to have JDBC or sql rules. I could use p6spy to log the SQL and look at that way, but this is manual. I'm wondering if the strategy of using PMD/Findbugs/etc to create a rule that ...

Parameterized queries with psycopg2 / Python DB-API and PostgreSQL

What's the best way to make psycopg2 pass parameterized queries to PostgreSQL? I don't want to write my own escaping mechanisms or adapters, and the psycopg2 source code and examples are difficult to read in a web browser. If I need to switch to something like PyGreSQL or another python pg adapter, that's fine with me. I just want simple...

SqlCommand Parameter eating +

I have this: string a = "a+a"; SqlCommand q = new SqlCommand("SELECT * FROM table WHERE a = @a", conn); q.Parameters.AddWithValue("@a", a); But the parameterization totally erases the + from a, leaving me with a a instead of the desired a+a. I need that + in place; I just want it escaped, not removed. Is there a way I can tell C# to...