MySQL escaping issues

[PMunch]

I'm working on a server that uses a MySQL backend and I wanted to add pagination. Typically with the MySQL wrapper you would do something like this:

db.getAllRows(sql"SELECT * FROM table LIMIT 100 OFFSET ?", page*100)

However the dbFormat procedure that is applied to all such statements wraps all inputs in single quotes. This means that the SQL statement gets incorrectly converted to SELECT * FROM table LIMIT 100 OFFSET '200' which isn't a valid statement.

Another issue is that the dbQuote procedure that the formatting procedure applies seems to assume that the database is in ANSI_QUOTES mode and only escapes a small subset of things that should be escaped.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. If you think it is still a valid issue, write a comment below; otherwise it will be closed. Thank you for your contributions.

[PMunch]

This issue still exists, for most of the discussion regarding it see nim-lang/Nim#5885