You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Right now, I'm using %I.%I for table names in dynamic queries (EXECUTE format(...)). But PostgreSQL's regclass to string casts are safe, i.e. they automatically escape spaces and other unsafe characters. Therefore format()'s %s placeholder can be used.
The advantage of this (other than its readability) is that we won't need to resolve the schema and table names ourselves every single time.
The text was updated successfully, but these errors were encountered:
Right now, I'm using
%I.%I
for table names in dynamic queries (EXECUTE format(...)
). But PostgreSQL'sregclass
to string casts are safe, i.e. they automatically escape spaces and other unsafe characters. Thereforeformat()
's%s
placeholder can be used.The advantage of this (other than its readability) is that we won't need to resolve the schema and table names ourselves every single time.
The text was updated successfully, but these errors were encountered: