[EugeneOZ]

just add "to_owned()" and problem solved. This function doesn't protect nothing, it's a bullshit. I love Rust, but author is far from the theme he is trying to describe. And theme is dangerous enough.

[C4K3]

to_owned() converts to a String, not to a &'static str. Those are not the same. You can't create a &'static str dynamically (though you can mutate one using unsafe.)

[derkha]

You can convert a `String` into a `&'static str` using only safe stdlib functions via `Box::leak(s.into())`. This uses `unsafe` internally, of course... but so does almost any code.

[C4K3]

Ah cool, I hadn't heard about Box::leak until now. Coming to stable in 1.26 it seems.

[EugeneOZ]

lol, so you call your SQL just with constants? "username" in his example just for one user forever? Still a bullshit.

[C4K3]

No, only the SQL statement has to be 'static. It's not bullshit.

[EugeneOZ]

Can you provide real-world example please?

[Khoth]

From TFA:

let _rows = sql_query("SELECT * FROM users WHERE username=?", &[username]);

The statement is static, but the [username] part is not, it's just a variable that can have whatever username you want.

[EugeneOZ]

and I already told that this example has no meaning, it's just a bullshit - nobody will use it in real app. You want to fetch from db info about the only one user, who's name is a constant? Yeah, all apps do it every day.