[PD] [psql] object hand-holding

Jamie Bullock jamie at postlude.co.uk
Mon Dec 10 20:08:28 CET 2007

On Mon, 2007-12-10 at 09:55 -0600, Mike McGonagle wrote:

> Well, Jamie, at the same time, I think that Mathieu might be refering
> how the output is handled from the 'sql' external. That is the part
> that would make having just a single instance of a database object
> difficult at best to work with. From some of the early tests that I
> have done, I have pretty much always assumed that each instance would
> be outputing a different result set. If you only used one database
> object, you would have to figure out how to route all the result sets.

Fair enough, I think I was probably stretching the point about using the
[psql]-style of database connectivity requiring less objects.

However, it's perfectly possible to have multiple [psql] instances
connected to the same database, so the routing problem is a bit of a
moot point. 

> Could someone please explain that IMPORTANCE of worrying about SQL
> injection? Just how would it effect users of PD?

It is certainly important in any situation where you would want to do
variable substitution on queries using data sent to your Pd instance
over a network. Some people might use Pd in this way via a web interface
for example.



More information about the Pd-list mailing list