> On 13 Apr 2016, at 16:48, David G. Johnston <david.g.johns...@gmail.com> > wrote: > > On Wed, Apr 13, 2016 at 8:38 AM, Oliver Kohll <oli...@agilechilli.com > <mailto:oli...@agilechilli.com>> wrote: > Hello, > > We currently use prepared statements for most of the work an app does, as an > SQL injection protection and for other reasons. > > There's one statement which can't be prepared: > > SET LOCAL myprefix.mysetting = 'my setting value'; > > Ideally, I'd like to be able to do > > PREPARE test(text) as SET LOCAL myprefix.mysetting = $1; > > but this isn't supported (currently on PG 9.3) > > I suspect the answer is 'no' but no harm in asking if it's likely to be > considered in future. I can't see it here: > https://wiki.postgresql.org/wiki/Todo <https://wiki.postgresql.org/wiki/Todo> > > > Given that you can simply use the "set_config(...)" function I'd say that > this command will have not particular in the decision work on improving this > limitation in the system. > > http://www.postgresql.org/docs/9.5/interactive/functions-admin.html#FUNCTIONS-ADMIN-SET > > <http://www.postgresql.org/docs/9.5/interactive/functions-admin.html#FUNCTIONS-ADMIN-SET> > > David J.
Ah excellent, I should have seen that, thanks. Oliver
