[xquery-talk] questions about security and dynamically
dhruba_borthakur at hotmail.com
Wed Oct 22 11:26:51 PDT 2003
I was looking for exactly what you said: a direct invocation of a XQuery.
>From your comments,
and the general discussion in this forum, I gather that it is unlikely that
this feature will become
part of the XQuery standard. This feature will remain pretty much
dependent on vendor-implementation.
>From: "Paul Cotton" <pcotton at microsoft.com>
>To: "Per Bothner" <per at bothner.com>,"Dhruba Borthakur"
><dhruba_borthakur at hotmail.com>
>CC: <talk at xquery.com>
>Subject: RE: [xquery-talk] questions about security and dynamically
>Date: Tue, 21 Oct 2003 18:02:12 -0400
> > After all most databases allow you to create SQL dynamically,
> > so you there is no reason not to do the same for XQuery.
>This is not really true. Most SQL systems I am familiar with allow you
>to submit a SQL-statement dynamically with known <dynamic parameter
>marker>s (question marks) in the statement in many locations where a
>constant value can be supplied. But SQL systems do NOT provide a
>generalized eval() function that can take any SQL-statement at runtime.
>And I think this is what Dhruba was asking about.
>Paul Cotton, Microsoft Canada
>17 Eleanor Drive, Nepean, Ontario K2E 6A3
>Tel: (613) 225-5445 Fax: (425) 936-7329
>mailto:pcotton at microsoft.com
> > -----Original Message-----
> > From: talk-bounces at xquery.com [mailto:talk-bounces at xquery.com] On
> > Of Per Bothner
> > Sent: October 21, 2003 3:50 PM
> > To: Dhruba Borthakur
> > Cc: talk at xquery.com
> > Subject: Re: [xquery-talk] questions about security and dynamically
> > constructedqueries
> > Dhruba Borthakur wrote:
> > > 2. One XQuery implementation (that I am familiar with) has
> > > vendor extensions that allow constructing and executing a query
> > > dynamically. Do other implementations support a similar
> > I would expect most implementations would support this, possibly
> > exception those those that only support "stored queries". After all
> > most databases allow you to create SQL dynamically, so you there is no
> > reason not to do the same for XQuery. And implementation that are not
> > tied to a database will probably also mostly allow dynamic query
> > construction. This certainly includes Qexo.
> > Perhaps I'm misunderstanding your question.
> > --
> > --Per Bothner
> > per at bothner.com http://per.bothner.com/
> > _______________________________________________
> > talk at xquery.com
> > http://www.x-query.com/mailman/listinfo/talk
Never get a busy signal because you are always connected with high-speed
Internet access. Click here to comparison-shop providers.
More information about the talk