Precisely. It is utterly insane for programmers to communicate with a database by constructing strings in an arcane language that is then compiled in real time. Not only does this open a whole bunch of bizarre, security holes, it’s just plain dumb. We are programmers, we communicate with our libraries using functions and data structures, not strings that have a syntax that was designed 50 years ago for non-programmers to use.
nostr:nprofile1qqsza7flq8xjfylqgg66dwrmzrfuff6w9flt0s72795zdrm27ue3fdgct4s0j is this because you don't think it's wise for a weird Cobol-like string of instructions -- that first have to be generated by the host (with all the care to prevent malicious injections and all the refinement of string concatenation otherwise) and then parsed by the database -- to act as the API between two programs because they could pretty exchange structured data instead?
Discussion
No replies yet.