Recall & Review
beginner
What is Dynamic SQL in PostgreSQL?
Dynamic SQL is a way to build and run SQL commands as text strings at runtime, allowing flexible queries that can change based on input or conditions.
beginner
How do you execute a dynamic SQL command inside a PL/pgSQL function?
You use the EXECUTE statement followed by a string containing the SQL command you want to run dynamically.
intermediate
Why should you use quote_ident() or quote_literal() when building dynamic SQL?
These functions safely add identifiers or values to the SQL string, preventing errors and SQL injection by properly quoting them.
intermediate
What happens if you try to use EXECUTE with a variable that is not a string?
EXECUTE requires a string argument. If you pass a non-string variable, you must convert it to text first, or it will cause an error.
intermediate
Can you return results directly from EXECUTE in PL/pgSQL?
Yes, you can use EXECUTE with INTO to store the result of a dynamic query into a variable.
Which PostgreSQL statement runs a dynamic SQL command stored in a string variable?
EXECUTE runs a SQL command given as a string in PL/pgSQL.
What function should you use to safely add a table name to a dynamic SQL string?
quote_ident() safely quotes identifiers like table or column names.
How do you capture the result of a dynamic SELECT query in PL/pgSQL?
EXECUTE ... INTO stores the result of a dynamic query into a variable.
What is a risk if you build dynamic SQL without quoting identifiers or literals?
Not quoting can cause syntax errors and security risks like SQL injection.
Which data type must EXECUTE receive as input?
EXECUTE requires a string containing the SQL command.
Explain how to safely build and run a dynamic SQL query in PostgreSQL using EXECUTE.
Think about how to avoid errors and injection risks.
Describe a scenario where dynamic SQL with EXECUTE is useful and how you would implement it.
Imagine you want to query different tables based on user input.