On Mon, Feb 13, 2017 at 10:34 PM, Tom Lane <[email protected]> wrote: > Jim Nasby <[email protected]> writes: >> Is there a reason not to allow $SUBJECT? Specifically, it'd be nice to >> be able to do something like WHEN tag LIKE 'ALTER%'. > > Seems like it would be a seriously bad idea for such an expression to be > able to invoke arbitrary SQL code. What if it calls a user-defined > function that tries to do DDL?
Yeah. I remember thinking about this and deciding that allowing real expressions there was totally intractable. I don't remember what all the reasons were, but what Tom's talking about may have been at least part of it. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
