"Gurjeet Singh" <[EMAIL PROTECTED]> writes: > Maybe we can extend the SQL's WITH clause do declare the constant along with > the query, and not separate from the query.
> WITH CONSTANT c_jobrole = 'clerk', CONSTANT c_dept = 10 > SELECT * FROM emp WHERE jobrole = c_jobrole and deptno = c_dept; [ scratches head... ] And that will provide SQL injection protection how? Anyway, you hardly need new syntax to do that, I'd expect WITH SELECT 'clerk' AS c_jobrole ... to accomplish it just fine. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers