2011/5/31 Tarlika Elisabeth Schmitz :
> On Tue, 31 May 2011 06:09:18 +0200
> Pavel Stehule wrote:
>
>>2011/5/31 Tarlika Elisabeth Schmitz :
>>> On Mon, 30 May 2011 11:02:34 +0200
>>> Pavel Stehule wrote:
>>>
> 2) I took from your blog entry
> (http://okbob.blogspot.com/2008/06/execute-usi
On Tue, 31 May 2011 06:09:18 +0200
Pavel Stehule wrote:
>2011/5/31 Tarlika Elisabeth Schmitz :
>> On Mon, 30 May 2011 11:02:34 +0200
>> Pavel Stehule wrote:
>>
2) I took from your blog entry
(http://okbob.blogspot.com/2008/06/execute-using-feature-in-postgresql-84.html)
that it is
2011/5/31 Tarlika Elisabeth Schmitz :
> On Mon, 30 May 2011 11:02:34 +0200
> Pavel Stehule wrote:
>
>>> 2) I took from your blog entry
>>> (http://okbob.blogspot.com/2008/06/execute-using-feature-in-postgresql-84.html)
>>> that it is good practice to use EXECUTE USING.
>>> Well, there's no danger
On Mon, 30 May 2011 11:02:34 +0200
Pavel Stehule wrote:
>> 2) I took from your blog entry
>> (http://okbob.blogspot.com/2008/06/execute-using-feature-in-postgresql-84.html)
>> that it is good practice to use EXECUTE USING.
>> Well, there's no danger of SQL injection as this particular DB runs
>>
Hello
>>[...]
>>Clause USING doesn't do a array unpacking
>>
>>you should to generate little bit different dynamic statement
>>EXECUTE 'SELECT .. WHERE a = $1[1] AND b = $1[2]' USING ARRAY[...]
>
> I changed that but this wasn't my only problem; typecasting was the
> second issue. Column "id1" is
Hello Pavel,
Thanks for taking the time to reply.
On Fri, 27 May 2011 09:12:20 +0200
Pavel Stehule wrote:
>Hello
>
>2011/5/26 Tarlika Elisabeth Schmitz :
>> On Sun, 22 May 2011 20:39:01 +0200
>> Pavel Stehule wrote:
>>
>>>2011/5/22 Tarlika Elisabeth Schmitz
>>>:
EXECUTE 'SELECT 1 FROM ' ||
On Sun, 22 May 2011 20:39:01 +0200
Pavel Stehule wrote:
>Hello
>
>2011/5/22 Tarlika Elisabeth Schmitz :
>> EXECUTE 'SELECT 1 FROM ' || TG_TABLE_NAME || ' WHERE ' || whereclause
>> || ' FOR UPDATE;';
>>
>> I am generating the whereclause dynamically as the number of columns
>> queried varies.
>>
>
Hello
2011/5/22 Tarlika Elisabeth Schmitz :
> EXECUTE 'SELECT 1 FROM ' || TG_TABLE_NAME || ' WHERE ' || whereclause
> || ' FOR UPDATE;';
>
> I am generating the whereclause dynamically as the number of columns
> queried varies.
>
> Am I right in assuming that I cannot use EXECUTE ... USING in this
EXECUTE 'SELECT 1 FROM ' || TG_TABLE_NAME || ' WHERE ' || whereclause
|| ' FOR UPDATE;';
I am generating the whereclause dynamically as the number of columns
queried varies.
Am I right in assuming that I cannot use EXECUTE ... USING in this
scenario?
--
Best Regards,
Tarlika Elisabeth Schmitz
