SQLPage built-in functions

In addition to normal SQL functions supported by your database, SQLPage provides a few special functions to help you extract data from user requests.

These functions are special, because they are not executed inside your database, but by SQLPage itself before sending the query to your database. Thus, they require all the parameters to be known at the time the query is sent to your database. Function parameters cannot reference columns from the rest of your query. The only case when you can call a SQLPage function with a parameter that is not a constant is when it appears at the top level of a SELECT statement. For example, SELECT sqlpage.url_encode(url) FROM t is allowed because SQLPage can execute SELECT url FROM t and then apply the url_encode function to each value.

The sqlpage.random_string function

Introduced in SQLPage 0.7.2.

Returns a cryptographically secure random string of the given length.


Generate a random string of 32 characters and use it as a session ID stored in a cookie:

INSERT INTO login_session (session_token, username) VALUES (sqlpage.random_string(32), :username)
    'cookie' AS component,
    'session_id' AS name,
    session_token AS value;



The length of the string to generate.