Re: [GENERAL] trigger - dynamic WHERE clause

2011-05-31 Thread Pavel Stehule
2011/5/31 Tarlika Elisabeth Schmitz : > On Tue, 31 May 2011 06:09:18 +0200 > Pavel Stehule wrote: > >>2011/5/31 Tarlika Elisabeth Schmitz : >>> On Mon, 30 May 2011 11:02:34 +0200 >>> Pavel Stehule wrote: >>> > 2) I took from your blog entry > (http://okbob.blogspot.com/2008/06/execute-usi

Re: [GENERAL] trigger - dynamic WHERE clause

2011-05-31 Thread Tarlika Elisabeth Schmitz
On Tue, 31 May 2011 06:09:18 +0200 Pavel Stehule wrote: >2011/5/31 Tarlika Elisabeth Schmitz : >> On Mon, 30 May 2011 11:02:34 +0200 >> Pavel Stehule wrote: >> 2) I took from your blog entry (http://okbob.blogspot.com/2008/06/execute-using-feature-in-postgresql-84.html) that it is

Re: [GENERAL] trigger - dynamic WHERE clause

2011-05-30 Thread Pavel Stehule
2011/5/31 Tarlika Elisabeth Schmitz : > On Mon, 30 May 2011 11:02:34 +0200 > Pavel Stehule wrote: > >>> 2) I took from your blog entry >>> (http://okbob.blogspot.com/2008/06/execute-using-feature-in-postgresql-84.html) >>> that it is good practice to use EXECUTE USING. >>> Well, there's no danger

Re: [GENERAL] trigger - dynamic WHERE clause

2011-05-30 Thread Tarlika Elisabeth Schmitz
On Mon, 30 May 2011 11:02:34 +0200 Pavel Stehule wrote: >> 2) I took from your blog entry >> (http://okbob.blogspot.com/2008/06/execute-using-feature-in-postgresql-84.html) >> that it is good practice to use EXECUTE USING. >> Well, there's no danger of SQL injection as this particular DB runs >>

Re: [GENERAL] trigger - dynamic WHERE clause

2011-05-30 Thread Pavel Stehule
Hello >>[...] >>Clause USING doesn't do a array unpacking >> >>you should to generate little bit different dynamic statement >>EXECUTE 'SELECT .. WHERE a = $1[1] AND b = $1[2]' USING ARRAY[...] > > I changed that but this wasn't my only problem; typecasting was the > second issue. Column "id1" is

Re: [GENERAL] trigger - dynamic WHERE clause

2011-05-27 Thread Tarlika Elisabeth Schmitz
Hello Pavel, Thanks for taking the time to reply. On Fri, 27 May 2011 09:12:20 +0200 Pavel Stehule wrote: >Hello > >2011/5/26 Tarlika Elisabeth Schmitz : >> On Sun, 22 May 2011 20:39:01 +0200 >> Pavel Stehule wrote: >> >>>2011/5/22 Tarlika Elisabeth Schmitz >>>: EXECUTE 'SELECT 1 FROM ' ||

Re: [GENERAL] trigger - dynamic WHERE clause

2011-05-26 Thread Tarlika Elisabeth Schmitz
On Sun, 22 May 2011 20:39:01 +0200 Pavel Stehule wrote: >Hello > >2011/5/22 Tarlika Elisabeth Schmitz : >> EXECUTE 'SELECT 1 FROM ' || TG_TABLE_NAME || ' WHERE ' || whereclause >> || ' FOR UPDATE;'; >> >> I am generating the whereclause dynamically as the number of columns >> queried varies. >> >

Re: [GENERAL] trigger - dynamic WHERE clause

2011-05-22 Thread Pavel Stehule
Hello 2011/5/22 Tarlika Elisabeth Schmitz : > EXECUTE 'SELECT 1 FROM ' || TG_TABLE_NAME || ' WHERE ' || whereclause > || ' FOR UPDATE;'; > > I am generating the whereclause dynamically as the number of columns > queried varies. > > Am I right in assuming that I cannot use EXECUTE ... USING in this

[GENERAL] trigger - dynamic WHERE clause

2011-05-22 Thread Tarlika Elisabeth Schmitz
EXECUTE 'SELECT 1 FROM ' || TG_TABLE_NAME || ' WHERE ' || whereclause || ' FOR UPDATE;'; I am generating the whereclause dynamically as the number of columns queried varies. Am I right in assuming that I cannot use EXECUTE ... USING in this scenario? -- Best Regards, Tarlika Elisabeth Schmitz