← Back to context Comment by abelcha 1 year ago duckDB is what sql should be in 2024https://duckdbsnippets.com/ 4 comments abelcha Reply xigoi 1 year ago The very first example on that page is vulnerable to injection. richbell 1 year ago Which one? xigoi 1 year ago #!/bin/bash function csv_to_parquet() { file_path="$1" duckdb -c "COPY (SELECT * FROM read_csv_auto('$file_path')) TO '${file_path%.*}.parquet' (FORMAT PARQUET);" } 1 reply →
xigoi 1 year ago The very first example on that page is vulnerable to injection. richbell 1 year ago Which one? xigoi 1 year ago #!/bin/bash function csv_to_parquet() { file_path="$1" duckdb -c "COPY (SELECT * FROM read_csv_auto('$file_path')) TO '${file_path%.*}.parquet' (FORMAT PARQUET);" } 1 reply →
richbell 1 year ago Which one? xigoi 1 year ago #!/bin/bash function csv_to_parquet() { file_path="$1" duckdb -c "COPY (SELECT * FROM read_csv_auto('$file_path')) TO '${file_path%.*}.parquet' (FORMAT PARQUET);" } 1 reply →
xigoi 1 year ago #!/bin/bash function csv_to_parquet() { file_path="$1" duckdb -c "COPY (SELECT * FROM read_csv_auto('$file_path')) TO '${file_path%.*}.parquet' (FORMAT PARQUET);" } 1 reply →
The very first example on that page is vulnerable to injection.
Which one?
1 reply →