Home > mailing lists

Re: Allow COPY to use parameters - Mailing list pgsql-hackers

From	David G. Johnston
Subject	Re: Allow COPY to use parameters
Date	May 27, 2016 14:17:24
Msg-id	CAKFQuwYu97aOvpunL4+BKrYzWOGoUFriHdBnv97djt5-Ar_28Q@mail.gmail.com Whole thread Raw
In response to	Re: Allow COPY to use parameters (Craig Ringer <craig@2ndquadrant.com>)
Responses	Re: Allow COPY to use parameters
List	pgsql-hackers

Tree view

On Fri, May 27, 2016 at 6:02 AM, Craig Ringer <craig@2ndquadrant.com> wrote:

COPY FROM $1 TO 'myfilename'

Random thought - how about at least making the following work:

For the following pretend that "STRING" has the same behavior as the "format(...)" function.

EXECUTE STRING('COPY %I TO %L', 'testtable', 'testfile.txt');

<(conceptually similar to: EXECUTE format('COPY %I TO %L', 'testtable', 'testfile.txt')>

This doesn't solve the knowledge problem but at least provides an idiomatic way to execute dynamic SQL without pl/pgsql and without forcing the client library to take responsibility for proper data massaging in order to eliminate sql injection.

As an extension making:

PREPARE name STRING('COPY %I TO %L', ?, ?);

EXECUTE name STRING USING ('testtable', 'testfile.txt');

David J.

pgsql-hackers by date:

From: Tom Lane
Date: 27 May 2016, 13:54:02
Subject: Re: COMMENT ON, psql and access methods

From: Kevin Grittner
Date: 27 May 2016, 14:58:34
Subject: Re: Re: [COMMITTERS] pgsql: Avoid extra locks in GetSnapshotData if old_snapshot_threshold <

Re: Allow COPY to use parameters - Mailing list pgsql-hackers

Previous

Next