Category Archives: Programming

PostgreSQL Dynamic SQL & Quote_ident Gotchas

Database, Programming

PostgreSQL provides two useful functions to aid in the safe development of dynamic SQL:

quote_ident
The quote_ident function accepts and returns a text type. Whatever text you pass into quote_ident will be suitably escaped such that you could safely use it as an identifier within a dynamic SQL statement.

According to the documentation, you should always pass table and column identifiers into the quote_ident function for safety. Calling quote_ident('mytable') will return mytable, however calling quote_ident('MyTable') would return "MyTable".

quote_literal
The quote_literal function accepts and returns a text type. Whatever text you pass into the quote_literal function will be escaped so that you can safely use them in dynamic SQL.

You should always pass values or literals into the quote_literal function. By doing so, all special characters such as quotes will be safely dealt with. Calling quote_literal('mycolumn') would return 'mycolumn' whilst quote_literal('my\'column') would return 'my''column'.

Both of these functions work a treat, however there is a caveat with the quote_ident function which isn’t well documented. When creating objects in PostgreSQL, they object names are automatically lowercased unless you create the object using double quotes. As a simple example:

  1. CREATE TABLE MyTable (id integer, name varchar); would result in an object mytable being created.
  2. CREATE TABLE "MyTable" (id integer, name varchar); would result in an object MyTable being created; note the casing.

Now lets assume you wanted to create some dynamic SQL to fetch information out of the first example table above. If you issued quote_ident('mytable'), your dynamic SQL statement will execute because the value returned from quote_ident is lowercase which matches the table name. If you called quote_ident('MyTable'), your dynamic SQL statement will report an error stating that it cannot find the table or relation.

Creating dynamic SQL in PostgreSQL to fetch data out of the second example above, you would run into the reverse scenario. Issuing quote_ident('mytable') would produce an error, while quote_ident('MyTable') would execute without error.

If you create your database objects without using double quotes, then it’s important to remember to not pass capitalised parameters into quote_ident. The opposite is of course true as well, if you create your objects using double quotes then you must remember to pass in the same casing to quote_ident. If quote_ident applies double quotes (be it from capitised letters, spaces or special characters), the SQL engine within PostgreSQL will assume that an object exists with the explicit name matching the returned value of the quote_ident function.

WordPress Plugin: Kottke Style Archives

Blogging, Database, Programming, Software

Kottke Style Archives, a WordPress archives plugin which emulates http://www.kottke.org/everfreshAre you sick of seeing WordPress archives that stretch the length of your arm? If you are, then you might have just found the next best thing to sliced bread! The Kottke Style Archives plugin is a WordPress archives plugin which will display your yearly archives in a similar format to Jason Kottke.

If you’re wondering why you might want your archive page looking like that, there are a couple of simple explanations:

  • You don’t like having to scroll
  • You need or value your screen real estate
  • You want your site to be more accessible on mobile devices, see point #2
  • You want a change, after all – everyone has the same ol same ol archives page

You can find out all about the Kottke Style Archives plugin at its permanent home. If you have any comments, problems or suggestions – feel free to drop them into this thread.

PyMissile, The Python Missile Control Centre

Hardware, Humour, Programming

I think I’ve found one of the coolest Python projects to date, its called PyMissile and is a Python script which can control a Marks & Spencer USB Missile Launcher on Linux.

PyMissile is written by Scott Weston and he has some videos of his missile launchers being simultaneously controlled by PyMissile. What is even cooler, is that Scott says he has implemented motion detection sentry functionality using a webcam and can also control his missile collection remotely via XML-RPC.

If you’re interested, check out the Python source code. I certainly haven’t grokked Python but the Python language is so readable that it’ll make sense to most people.

WordPress Plugin: Subtraction Style Archives

Blogging, Database, Programming, Software

Subtraction Style Archives, a WordPress archives plugin which emulates http://www.subtraction.com/archives/Looking for a new way to display your WordPress archives page? Look no further, you’ve found the Subtraction Style Archives plugin. The Subtraction Style Archives plugin provides functionality which will allow you to generate an archive page similar to that on Subtraction.

There is a permanent page for the plugin which describes:

  • where to download it
  • how to install it
  • how to implement it in your own web site
  • some notes on the plugin
  • a changeset for the plugin

If you have any questions, problems or suggestions about the plugin; feel free to drop a comment about it.

Dictionary.com CSS Makeover

Programming, Websites

Lexico Publishing Group have just released their new web site design which has been deployed over all of their reference.com domains, most notably dictionary.com and thesaurus.com.

The news that the sites were being redesigned was first broken by Jeffery Zeldman, one of the most influential people in pushing the semantic web and standards based design forward. Lexico contracted the Zeldman owned company Happy Cog Studios to work on the redesign. I think it is fitting that a high profile semantic web fanatic be involved with the redevelopment of a dictionary, thesaurus and encyclopedia.

This is my very brief critique of the new site:

  • I really like the new colour
  • I like the simple, now classic tabbed navigation between dictionary, thesaurus and reference dot com sites
  • Though not surprising, I like the fact that the new design contains less than 50% of the HTML of the previous design
  • I hate the massive horizontal banner on the front page, it just breaks the look of the site.
  • The front page feels cluttered and hard to read because of the multiple sets of small lists of links
  • I don’t like the use of the little images in the lists of links on the front page. I think they should have signified the important link through the link text weight or by changing the bullet point image.

Other than, what I’d personally consider a poor choice for positioning their primary advertising – I’m pretty happy with the new design. I’m sure that the people maintaining the site are going to be much happier they’ve now got a simple set of CSS to manage instead of embedded markup.