What about other languages?
Use Parameters (regardless of language)
For example, do this:
    const char* params[] = {"5", "five"};
    res = PQexecParams(cnxn,
                       "insert into t(x, s) values($1, $2)",
                       2,      // Number of inputs
                       NULL,   // Postgres will deduce input types
                       params, // Parameters as strings
                       NULL,   // Parameter lengths, not needed for text params
                       NULL,   // Parameter formats, not needed for text params
                       0);     // Obtain results in text format
Not this:
res = PQexec(cnxn, "insert into t(x, s) values(5, 'five')");
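The same rule in another language, as an added example that is not part of the original page: Python's standard sqlite3 module with the table t(x, s) from above, comparing bound parameters with a statement built by string formatting. The sample values and function names are constructed for illustration, and SQLite writes its placeholders as ? rather than $1, $2.

```python
import sqlite3

# Constructed sample values: plain text, text with a quote, text shaped like SQL.
SAMPLES = [(1, "five"), (2, "it's five"), (3, "five'), (6, 'six")]

def make_db():
    # In-memory database holding the table used in the example above.
    db = sqlite3.connect(":memory:")
    db.execute("create table t(x integer, s text)")
    return db

def stored_rows(db):
    return db.execute("select x, s from t order by x").fetchall()

def parameterized_rows():
    # "Do this": the statement text is constant, values travel as parameters.
    db = make_db()
    for x, s in SAMPLES:
        db.execute("insert into t(x, s) values(?, ?)", (x, s))
    return stored_rows(db)

def concatenated_rows():
    # "Not this": values are pasted into the statement, so the database
    # parses them as SQL. Returns (rows stored, inputs that were rejected).
    db = make_db()
    rejected = []
    for x, s in SAMPLES:
        try:
            db.execute("insert into t(x, s) values(%d, '%s')" % (x, s))
        except sqlite3.Error:
            rejected.append(s)
    return stored_rows(db), rejected

if __name__ == "__main__":
    print("parameters:   ", parameterized_rows())
    rows, rejected = concatenated_rows()
    print("concatenation:", rows, "rejected:", rejected)
```

With parameters every value is stored exactly as supplied; with concatenation the quoted value fails to parse and the third value is executed as a second row of the insert.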