For more info and usage examples see the README on the infuser github page.
To help prevent SQL injection attacks (or other injection attacks), use a transformation function to escape special characters and provide it through the transform_function argument. build_sql is a great default escaping function for SQL templating. For templating in other languages you will need to build/specify your own escaping function.
infuse(file_or_string, ...,
variable_identifier = getOption("variable_identifier"),
default_char = "|", collapse_char = ",",
transform_function = function(value) return(value),
verbose = getOption("verbose"), simple_character = FALSE,
strict = FALSE)the template file or a character string containing the template
different keys with related values, used to fill in the template (if first passed item is a list/environment the contents of this will be processed instead)
the opening and closing character that denounce a variable in the template, defaults to c("{{", "}}") and can be set persistently using e.g. options(variable_identifier=c("{{", "}}"))
the character use to specify a default after
the character used to collapse a supplied vector
a function through which all specified values are passed, can be used to make inputs safe(r). dplyr::build_sql is a good default for SQL templating.
verbosity level
if TRUE returns only a character vector, else adds the infuser class to the returned object.
if TRUE stops processing when a requested parameter is not supplied, else will simply leave the parameter as-is