query package:sqlite-simple

Perform a SELECT or other SQL query that is expected to return results. All results are retrieved and converted before this function returns. When processing large results, this function will consume a lot of client-side memory. Consider using fold instead. Exceptions that may be thrown:

• FormatError: the query string mismatched with given arguments.
• ResultError: result conversion failed.

A query string. This type is intended to make it difficult to construct a SQL query by concatenating string fragments, as that is an extremely common way to accidentally introduce SQL injection vulnerabilities into an application. This type is an instance of IsString, so the easiest way to construct a query is to enable the OverloadedStrings language extension and then simply write the query in double quotes.

{-# LANGUAGE OverloadedStrings #-}

import Database.SQLite.Simple

q :: Query
q = "select ?"

The underlying type is a Text, and literal Haskell strings that contain Unicode characters will be correctly transformed to UTF-8.

A version of query where the query parameters (placeholders) are named. Example:

r <- queryNamed c "SELECT * FROM posts WHERE id=:id AND date>=:date" [":id" := postId, ":date" := afterDate]

A version of query that takes an explicit RowParser.

A version of query that does not perform query substitution and takes an explicit RowParser.

A version of query that does not perform query substitution.