int SPI_execute_with_args(const char *command, int nargs, Oid *argtypes, Datum *values, const char *nulls, bool read_only, long count)
SPI_execute_with_args executes a
command that might include references to externally supplied
parameters. The command text refers to a parameter as $n, and the call
specifies data types and values for each such symbol. read_only and count
have the same interpretation as in
The main advantage of this routine compared to
SPI_execute is that data values can be inserted
into the command without tedious quoting/escaping, and thus with
much less risk of SQL-injection attacks.
Similar results can be achieved with
SPI_prepare followed by
SPI_execute_plan; however, when using this
function the query plan is always customized to the specific
parameter values provided. For one-time query execution, this
function should be preferred. If the same command is to be
executed with many different parameters, either method might be
faster, depending on the cost of re-planning versus the benefit
of custom plans.
number of input parameters ($1, $2, etc.)
an array containing the OIDs of the data types of the parameters
an array of actual parameter values
an array describing which parameters are null
If nulls is NULL then
SPI_execute_with_args assumes that no
parameters are null.
true for read-only execution
maximum number of rows to return, or 0 for no limit
The return value is the same as for
SPI_processed and SPI_tuptable are set as in
SPI_execute if successful.