Hi, On 5/19/05, bandeng <[EMAIL PROTECTED]> wrote: > i want to make dynamic sql query like this > > select * from tb_cust where name='erick' and age='20' > > to > > select * from tb_cust $1 > > i have tried but error comeup
I think there's a confusion about the usage of parameters like $1, $2, ... etc. You cannot use parameters for a whole statement like "where name='erick' and age='20'" or "name='erick'". It's only useful to point returned fields. Namely, above SQL query should be: SELECT * FROM tb_cust WHERE name = $1 AND age = $2; Plus beware it doesn't need quotes around parameter. Moreover, if you're using some PostgreSQL API, you don't need to escape data inserted by parameters. You may refer to documentation for further information. Regards. ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster
