Documentation seems outdated

blackbeam / mysql_async

Asyncronous Rust Mysql driver based on Tokio.

Apache License 2.0

377 stars 114 forks source link

Documentation seems outdated #261

Closed ds-gipe closed 11 months ago

ds-gipe commented 11 months ago

r"INSERT INTO payment (customer_id, amount, account_name) VALUES (:customer_id, :amount, :account_name)" .with(payments.iter().map(|payment| params! { "customer_id" => payment.customer_id, "amount" => payment.amount, "account_name" => payment.account_name.as_ref(), })) .batch(&mut conn) .await?; Doesn't compile as str does not have a with method: method not found in &str

More importantly, there is no documentation on how to handle sql injection which seems to be a pretty important piece of any mysql driver.

blackbeam commented 11 months ago

Hi. Docs are ok - see the WithPatams trait. I believe it was mentioned by the compiler somewhere in your error message.

More importantly, there is no documentation on how to handle sql injection which seems to be a pretty important piece of any mysql driver.

Well.. Docs says "Prepared statements is the only way to pass rust value to the MySql server", in other words it is suggested to never use the text protocol for parametrized queries, everything else, I believe, is the developer's responsibility.

blackbeam commented 11 months ago

Btw, almost all the docs examples are a part of a test suite, so it is asserted that everything is up to date, but note that imports are hidden for brevity. Please inspect the docstring source code to get the details.

ds-gipe commented 11 months ago

Thanks!