From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM
	autolearn=unavailable autolearn_force=no version=3.4.4
X-Received: by 2002:a24:4dd2:: with SMTP id
 l201mr13923603itb.34.1543308715474;
        Tue, 27 Nov 2018 00:51:55 -0800 (PST)
X-Received: by 2002:a9d:bd5:: with SMTP id 79mr498490oth.7.1543308715182; Tue,
 27 Nov 2018 00:51:55 -0800 (PST)
Path: 
 eternal-september.org!reader01.eternal-september.org!feeder.eternal-september.org!news.gegeweb.eu!gegeweb.org!usenet-fr.net!proxad.net!feeder1-2.proxad.net!209.85.166.215.MISMATCH!k10no40046itk.0!news-out.google.com!y103-v6ni55ita.0!nntp.google.com!k10no40045itk.0!postnews.google.com!glegroupsg2000goo.googlegroups.com!not-for-mail
Newsgroups: comp.lang.ada
Date: Tue, 27 Nov 2018 00:51:54 -0800 (PST)
In-Reply-To: <ptj0a0$1non$1@gioia.aioe.org>
Complaints-To: groups-abuse@google.com
Injection-Info: glegroupsg2000goo.googlegroups.com;
 posting-host=176.130.29.212;
 posting-account=6yLzewoAAABoisbSsCJH1SPMc9UrfXBH
NNTP-Posting-Host: 176.130.29.212
References: <ce530325-6c40-458f-bd51-b5f03eebe02e@googlegroups.com>
 <ptbb8s$1g72$1@gioia.aioe.org>
 <9468b0a5-19bd-4057-a0d8-f84ed0425188@googlegroups.com>
 <e75fd330-c195-498b-a776-86f23541aae7@googlegroups.com>
 <e5e3c744-fedc-440a-bc32-9e621623f567@googlegroups.com>
 <8d3pvdt79sessg38k2uo5s6lqr6u7m61p7@4ax.com> <ptj0a0$1non$1@gioia.aioe.org>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <77d44394-12c6-4102-8962-d576f2103822@googlegroups.com>
Subject: Re: Prepared_Statement :(
From: briot.emmanuel@gmail.com
Injection-Date: Tue, 27 Nov 2018 08:51:55 +0000
Content-Type: text/plain; charset="UTF-8"
Xref: reader01.eternal-september.org comp.lang.ada:54911
Date: 2018-11-27T00:51:54-08:00
List-Id: <comp.lang.ada>

> Ergo, if you can, never use any DB-specific bindings, use ODBC. It is 
> not portable across RDBMs either (SQL is very not Ada (:-)), but at 
> least it would give you far less headache...

Alternatively, use GNATCOLL and let it do the formatting for you. The OP
query could be written as :

  with Database;  --  generated via gnatcoll_db2ada
  declare
      PS     : Prepared_Statement  := Prepare(
         SQL_Insert
             ((Database.Exmo.Trades.Trade_Id = Integer_Param (1))
              & (Database.Exmo.Trades.Pair = Integer_Param (2))
              & ...));
  begin
      --  actual execution remains the same
  end;

Then whether you use sqlite, postgresql, or add a new backend to gnatcoll, the
code remains valid.

All of these are valid choices, and depends on your workflow