On 27/07/16 03:15, Peter Eisentraut wrote:
> On 7/26/16 6:14 PM, Vik Fearing wrote:
>> As mentioned elsewhere in the thread, you can just do WHERE true to get
>> around it, so why on Earth have it PGC_SUSET?
>
> I'm not sure whether it's supposed to guard against typos and possibly
> buggy SQL string concatenation in application code. So it would help
> against accidental mistakes, whereas putting a WHERE TRUE in there would
> be an intentional override.
If buggy SQL string concatenation in application code is your argument,
quite a lot of them add "WHERE true" so that they can just append a
bunch of "AND ..." clauses without worrying if it's the first (or last,
whatever), so I'm not sure this is protecting anything.
--
Vik Fearing +33 6 46 75 15 36
http://2ndQuadrant.fr PostgreSQL : Expertise, Formation et Support