On Mon, 5 Oct 2015, John Massai wrote:
>>> But for some reason, the filter variable isn't working on SigningTable
>>> as mentioned by myself (EPEL) and him (Debian). I don't know if that
>>> bug is fixed yet or not, but seems to have been around for a long
>>> time.
>>>
>>> Regardless, I am not trying to solve anything, I am asking for a bug
>>> fix (above) at least and a feature enhancement (more direct query
>>> control) would be better.
I tried the filter code just now (basically a 2.10.3 build from trunk) and
it seemed to work for me, or at least it constructed an SQL query as I
would expect. In particular, using this DSN specification:
dsn:mysql://opendk
im:PWDHERE_at_localhost/opendkim/table=signingtable?keycol=addr?datacol=keyname?filter=ID=0
and then a query for "foo", it generated this SQL:
SELECT keyname FROM signingtable WHERE addr = 'foo' AND ID=0
...which is what I would expect. What were you trying that wasn't
working?
As for more general access to an SQL database, I think that's reasonable
given you own the database it's going to be accessing. We need to be
careful about injection attacks, but I seem to recall OpenDBX has some
safety functions there that we're already using.
-MSK
Received on Tue Oct 06 2015 - 08:12:38 PST