Hi all While looking at an unrelated issue in PgJDBC I noticed that it's difficult for users and the driver to tell in advance if a given statement will support bind parameters.
PostgreSQL just treats placeholders as syntax errors for non-plannable statements at parse time. This forces users to try to guess whether a given statement can be parameterised or not, or forces drivers to guess this on behalf of users and do client-side parameter substitution. As a result, some code that worked with PgJDBC using the v2 protocol will fail with the v3 protocol, e.g. @Test public void test() throws SQLException { PGConnection pgc = (PGConnection)conn; PreparedStatement ps = conn.prepareStatement("SET ROLE ?"); ps.setString(1, "somebody"); ps.executeUpdate(); } This works with the v2 protocol because PgJDBC does client side parameter binding unless you request sever-side prepare (via SQL-level PREPARE and EXECUTE). With the v3 protocol it always uses the extended parse/bind/execute flow, with unnamed statements. (Another case where this is quite frustrating is COPY, though PgJDBC has a wrapper API for COPY that helps cover that up.) It'd be nice not to force users to do their own escaping of literals in non-plannable statements. Before embarking on anything like this I thought I'd check and see if anyone's looked into supporting bind parameters in utility statements, or if not, if anyone has any ideas about the feasibility of adding such support. I didn't have much luck searching for discussion on the matter. -- Craig Ringer http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers