"Gurjeet Singh" <[EMAIL PROTECTED]> writes:
> Maybe we can extend the SQL's WITH clause do declare the constant along with
> the query, and not separate from the query.
> WITH CONSTANT c_jobrole = 'clerk', CONSTANT c_dept = 10
> SELECT * FROM emp WHERE jobrole = c_jobrole and deptno = c_dept;
[ scratches head... ] And that will provide SQL injection protection how?
Anyway, you hardly need new syntax to do that, I'd expect
WITH SELECT 'clerk' AS c_jobrole ...
to accomplish it just fine.
regards, tom lane
--
Sent via pgsql-hackers mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
