This repository was archived by the owner on Oct 29, 2024. It is now read-only.
Client's query() method should directly support parameter binding
#603
Comments
|
Any plans for supporting this? |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The
InfluxDBClient.query()method does not directly support the parameter binding syntax, documented at [1]. This can be worked around, by passing aparamsdictionary containing the JSON-encoded parameters as the "params" key, but this is rather confusing ("Which 'params' exactly are you talking about? How do I encode it?"). Thequery()method really should treat bound parameters as first-class citizens in some fashion. The obvious way of doing this would be to havequery()accept**kwargsand, if it is non-empty, JSON-encode it and add it to theparamsdictionary under the "params" key. Alternatively, thequery()method could take abindorboundparameter, which must be a dictionary that would be treated the same way.Either of these would match similar interfaces provided by other Python database libraries and would help eliminate the threat of query language injection, which is a potentially severe class of bugs.
[1] https://docs.influxdata.com/influxdb/v1.3//tools/api/#bind-parameters
The text was updated successfully, but these errors were encountered: