Function argument not interpreted inside body - postgresql

I am trying to create a PL/pgSQL function in PostgreSQL 9.3.6, but there is weird behavior when using the passed argument inside function body. Here is the 'very simple' function:
CREATE OR REPLACE FUNCTION myschema.test (myarg text) RETURNS text AS $$
DECLARE
entity text;
buffer text;
BEGIN
CREATE ROLE myarg;
RETURN myarg;
END;
$$ LANGUAGE plpgsql;
So, if for instance myarg equals 'test':
A role named 'myarg' is created (WRONG)
'test' is returned (CORRECT)
I searched for hours why this could be and no clue... security parameter? Why is myarg not interpreted for creating roles?
Testing with phpPgAdmin through sql files if this has any impact.

You should use:
EXECUTE FORMAT('CREATE ROLE %I', myarg);
Here you can find an explanation (especially read Craig's answer).
As Erwin stated (thanks), %I is safer than %s. Anyway, myarg should be verified before the function call. Try for example
SELECT myschema.test('something; stupid; here;')

Related

PGSQL: Function argument not being passed correctly

I am attempting to search the "message" column of a table for any instance of a tag mentioned (like " #testing1 " for example).
When I manually enter the query it works but I think that I'm not understanding how to concat the tag properly:
This works:
select amount from donations where message like #testing1
But this does not:
CREATE OR REPLACE FUNCTION sum_tag(
tag TEXT)
RETURNS VOID AS $$
BEGIN
select amount from donations where message like CONCAT ('%#', tag, '%');
END; $$
LANGUAGE plpgsql;
The above is what is in the begin and end statements inside of the function sum_tag(tag text).
My intent is that I am trying to capture the tag whether it is in the message as "#testing1 this is a message" or "This is a message #testing1" and then use that as an identifier to sum up all of the amount column values for the associated rows.
Update 1
I have attempted to use the suggestion as noted in the comments but It did not seem to work. The updated function was entered as:
CREATE OR REPLACE FUNCTION sum_tag(
tag TEXT)
RETURNS VOID AS $$
BEGIN
EXECUTE format('select amount from donations where message like %s', tag);
END; $$
LANGUAGE plpgsql;
This did not work either. If I am understanding, the entire statement needs to be in single quotes and %s is the correct way to call the argument as it is a text string. I appreciate your explanation and places to look.

PostgreSQL INSERT INTO syntax error when creating function

I'm getting a syntax error but having issues identifying what exactly the issue is. I'm not sure if I'm misunderstanding things here -- but it looks like the INSERT INTO is breaking, but only when it's in the function.
I'm running the below through Hasura:
CREATE OR REPLACE FUNCTION custom_q_into_selected()
RETURNS trigger AS $BODY$
BEGIN
IF NEW.is_custom = true THEN
INSERT INTO selected_question(book_id,question_id)
VALUES(NEW.custom_for_book_id,NEW.id);
END IF;
RETURN NEW;
END;
$BODY$ LANGUAGE plpgsql;
Keep getting this error when I run this:
postgres-error: syntax error at or near "\"
Database logs:
CREATE OR REPLACE FUNCTION custom_q_into_selected() \r
RETURNS trigger AS $BODY$\r
BEGIN\r
IF NEW.is_custom THEN \r
INSERT INTO selected_question(book_id,question_id) VALUES(NEW.custom_for_book_id,NEW.id);\r
END IF;\r
RETURN NEW;\r
END;\r
$BODY$ LANGUAGE plpgsql;\r
Any help is appreciated.

Can you change an IN parameter inside of a plpgsql function?

Can you change a parameter that is set in the function header to something else with inside the function itself? The way I am reading this article it would seem like you can't postgres tutorial link
I am going to answer this one myself.
The short answer is Yes. You can change the default IN parameters in a plpgsql function.
Please see the following example:
--CREATE SCHEMA it
CREATE FUNCTION it.foo (_animal TEXT ) RETURNS TEXT LANGUAGE plpgsql AS
$$
BEGIN
IF _animal = 'cow' THEN
_animal = 'steak';
END IF;
RETURN _animal;
END;
$$;
SELECT it.foo('cow');

Plpgsql function error at or near Create syntax

I have just started using postgres and am new to the whole thing, I am using postgres version 9.6 and am trying to create a new function however I keep getting the error
ERROR: syntax error at or near "CREATE"
LINE 6: CREATE OR REPLACE FUNCTION time_passed(created text)
my function is this
CREATE OR REPLACE FUNCTION time_passed(created text)
RETURNS text AS
BEGIN
created :='Now';
RETURN created;
END;
$$ LANGUAGE plpgsql
What could be wrong with the Create syntax?
You're missing the opening $$ to match the closing ones:
CREATE OR REPLACE FUNCTION time_passed(created text)
RETURNS text AS $$
-- Here --------^
BEGIN
created :='Now';
RETURN created;
END;
$$ LANGUAGE plpgsql

How can use custom_variable_class

i am create custom_variable_class= myapp in postgresql.conf. And set the value is inside of function like
CREATE OR REPLACE FUNCTION fn_purchase(xmode text, xuserno integer)
RETURNS text AS
set myapp.user_no=xuserno
..........
..........
END;
Now i am using myapp.user in my trigger
CREATE OR REPLACE FUNCTION public.delete_history()
RETURNS trigger AS
$BODY$
DECLARE userno text;
BEGIN
SELECT current_setting('myapp.user_no') into userno;
END;
$BODY$
If set userno is integer then it show error message.
invalid input syntax for integer: "xuserno".
and
SELECT current_setting('myapp.user_no') is show xuserno not xuserno value. That means xuserno=5 it show xuserno not 5. I am doing any thing wrong?
Your problem is a very subtle one:
According to the docs instead of:
custom_variable_class= myapp
You should have
custom_variable_classes='myapp'
Note that custom_variable_classes is intended to be used to set multiple classes for multiple addons.
From there, with the comments above, this should work.