Re: PQexecParams, placeholders and variable lists of params

2021-11-23 Thread tomas
On Tue, Nov 23, 2021 at 05:14:44PM +0100, Daniel Frey wrote:
> > On 23. Nov 2021, at 16:43, Tom Lane wrote:
> >
> > PG's array quoting rules are odd enough that I can sympathize with not
> > wanting to deal with them. (Although, if you only have to build an
> > array and not parse one, taking th

Re: PQexecParams, placeholders and variable lists of params

2021-11-23 Thread Daniel Frey
On 23. Nov 2021, at 16:43, Tom Lane wrote:
> PG's array quoting rules are odd enough that I can sympathize with not
> wanting to deal with them. (Although, if you only have to build an
> array and not parse one, taking the always-quote-even-if-not-necessary
> approach makes it easier.)
>
> I do

Re: PQexecParams, placeholders and variable lists of params

2021-11-23 Thread tomas
On Tue, Nov 23, 2021 at 10:43:03AM -0500, Tom Lane wrote:
> "David G. Johnston" writes:
> > On Tue, Nov 23, 2021 at 7:21 AM wrote:
> >> Makes sense. Problem is, that, again, the application would be
> >> responsible for making sure the individual values don't contain nasty
> >> stuff (for example,

Re: PQexecParams, placeholders and variable lists of params

2021-11-23 Thread Tom Lane
"David G. Johnston" writes:
> On Tue, Nov 23, 2021 at 7:21 AM wrote:
>> Makes sense. Problem is, that, again, the application would be
>> responsible for making sure the individual values don't contain nasty
>> stuff (for example, if they are strings) before consolidating them to
>> one PostgreSQL

Re: PQexecParams, placeholders and variable lists of params

2021-11-23 Thread David G. Johnston
On Tue, Nov 23, 2021 at 7:21 AM wrote:
> Makes sense. Problem is, that, again, the application would be
> responsible for making sure the individual values don't contain nasty
> stuff (for example, if they are strings) before consolidating them to
> one PostgreSQL array literal.
>
> So long as you

Re: PQexecParams, placeholders and variable lists of params

2021-11-23 Thread tomas
On Tue, Nov 23, 2021 at 06:39:27PM +0500, Дмитрий Иванов wrote:
> Hi
> A function cannot have an undefined signature, but can accept an array of
> arguments:

I see. So you propose passing an array as a single param to PQexecParams, in PostgreSQL's syntax for arrays, e.g. "{42, 45, 50}". Makes se

Re: PQexecParams, placeholders and variable lists of params

2021-11-23 Thread Дмитрий Иванов
Hi
A function cannot have an undefined signature, but can accept an array of arguments:

CREATE OR REPLACE FUNCTION bpd.object_del_by_id_array(
    object_array bigint[])
    RETURNS SETOF bpd.errarg_action
    LANGUAGE 'plpgsql'
    COST 100
    VOLATILE SECURITY DEFINER PARALLEL SAFE
    ROWS 1000

PQexecParams, placeholders and variable lists of params

2021-11-23 Thread tomas
Hi, PQexecParams expects a query string with "$1", "$2"... placeholders, which refer to as many params in the param list. This keeps SQL injection at bay. Is there a way to express "variable length" lists? IOW, if I want to do a query like "SELECT * FROM customers WHERE id IN ($1, $2) AND name