>
>
> I can think of at least three workarounds in 7.4:
>
> 1. Always quote your constants:
>
> ... WHERE bigintcol = '42';
You can also
WHERE bigintcol = 42::bigint
Sincerely,
Joshua D. Drake
>
> 2. Use a prepared statement:
>
> PREPARE foo(bigint) AS ... WHERE bigintcol = $1;
>
> EXECUTE foo(42);
>
> 3. Use parameterized statements in extended-query mode (essentially the
> same idea as #2, but at the protocol level). This doesn't help for
> pure SQL scripts, but is very workable when coding against libpq or
> JDBC. Among other things it gets you out of worrying about SQL
> injection attacks when your parameter values come from untrusted
> sources.
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 8: explain analyze is your friend
--
Command Prompt, Inc., home of Mammoth PostgreSQL - S/ODBC and S/JDBC
Postgresql support, programming shared hosting and dedicated hosting.
+1-503-667-4564 - jd@commandprompt.com - http://www.commandprompt.com
Mammoth PostgreSQL Replicator. Integrated Replication for PostgreSQL
