Ingmar Lötzsch <iloetzsch 'at' asci-systemhaus.de> writes:
> Of course you can concatenate the values like
>
> String idlist = "1, 2";
> String sql = "SELECT" + ... + "WHERE id IN (" + idlist + ")";
>
> and execute the statement. But there is no parameter.
...which is not too good, as the driver escapes/sanitizes input
much better than us (e.g. using parameters is *good*). Hence
personally, from JDBC, I like this workaround:
SELECT * FROM pg_language WHERE lanname = ANY( string_to_array(?, ',') );
See:
http://zarb.org/~gc/html/doc-misc.html#2008-08-21
--
Guillaume Cottenceau