build_sql

This is a convenience function that should prevent sql injection attacks
(which in the context of dplyr are most likely to be accidental not
deliberate) by automatically escaping all expressions in the input, while
treating bare strings as sql. This is unlikely to prevent any serious
attack, but should make it unlikely that you produce invalid sql.

internal

A 'dplyr' back end for databases that allows you to work with
remote database tables as if they are in-memory data frames.  Basic
features works with any database that has a 'DBI' back end; more
advanced features require 'SQL' translation to be provided by the
package author.

Hadley Wickham

dbplyr

A 'dplyr' Back End for Databases

Maximilian Girlich

Edgar Ruiz

RStudio 

build_sql function

<dl><dt>...</dt>
<dd>input to convert to SQL. Use <code>sql()</code> to preserve
user input as is (dangerous), and <code>ident()</code> to label user
input as sql identifiers (safe)</dd>
<dt>.env</dt>
<dd>the environment in which to evaluate the arguments. Should not
be needed in typical use.</dd>
<dt>con</dt>
<dd>database connection; used to select correct quoting characters.</dd></dl>

Arguments

Build a SQL string. — build_sql

<dl>

<dt>...</dt>
<dd>input to convert to SQL. Use <code>sql()</code> to preserve
user input as is (dangerous), and <code>ident()</code> to label user
input as sql identifiers (safe)</dd>


<dt>.env</dt>
<dd>the environment in which to evaluate the arguments. Should not
be needed in typical use.</dd>


<dt>con</dt>
<dd>database connection; used to select correct quoting characters.</dd>

</dl>

build_sql: Build a SQL string.

Description

Usage

Arguments

Details

Examples