| From: | Steve Atkins <steve(at)blighty(dot)com> |
|---|---|
| To: | pgsql General <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Semi-customized queries? Subset of SQL? Accessing the parser? Injection? |
| Date: | 2008-11-04 20:07:17 |
| Message-ID: | A6C6134B-CE9F-4626-AE63-2A668B50517D@blighty.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Nov 4, 2008, at 11:46 AM, Webb Sprague wrote:
>> Or do it with simple combo boxes if you
>> want to limit the users to crippled queries.)
>
> I want to limit my users to *half* crippled queries -- arbitrary
> column lists, where clauses, group by lists, and sort by lists. I
> want to make sure that they aren't doing any data modifications nested
> inside a where clause or a column definition as a subquery.
>
>> I don't see anything that suggests hacking the SQL parser
>> is going to be a useful thing to do.
>
> I would think that I could *use* (definitely not hack -- good god!)
> the parser to ask how deep the nested subqueries are, etc.
Have you looked at the output from "explain"? That'll give you
cost estimates, and fairly detailed data on how the query will
be executed, including nested queries, index usage and so on.
Cheers,
Steve
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jonathan Guthrie | 2008-11-04 20:34:32 | Re: I'm puzzled by a foreign key constraint problem |
| Previous Message | Sam Mason | 2008-11-04 20:06:14 | Re: time interval format srting |