Bill Moran wrote:
>
>
>Simply put:
>1) If the untrusted value is a string, using a proper escape sequence
should
> make it safe.
>
>
in pgsql (and mysql) you can escape almost everything.
update table set a = '5' is corrent, even is column a is integer type.
You can't escape the null value.
Mage