> > with Perl and *using placeholders and bind values*, the application > > developer has not to worry about this. So, usually I don't check the > > values in my applications (e.g. if only values between 1 and 5 are > > allowed and under normal circumstances only these are possible), it's the > > task of the database (check constraint). > > That's the idea. It's the job of the database to guarantee data > integrety.
Yes, but what is currently missing is a protocol to the backend where a statement is prepared with placeholders and then executed (multiple times) with given values. Then there is no doubt what is a value, and what a part of the SQL. I think that this would be a wanted feature of the next protocol version. iirc the backend side part is currently beeing implemented. Andreas ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster
