Should I disable "disable prepared statements" in DB settings?

I've asked a couple of questions on the forum (see How to build detail views that are populated from separate queries? - #3 by trebor and Can't refresh pie chart on date range change - #4 by ScottR) to which all the answers seem to basically be

Reference the table data directly in your query

e.g. select * from some_table where myid = {{}}

However, this does not work for Postgres unless you disable converting queries to prepared statements


My understand was that this setting is there to prevent SQL injection attacks? However, it seems a lot of functionality doesn't really work with it enabled.

Do people just disable this setting?

No, never have needed to disable it.
I'm also using Postgres and use statements like the above all the time.
Might be something else going on here, when you say it doesn't work does it return an unexpected value or an error?

Hi @dcartlidge

It's things like this I can't seem to work out how to do without turning that setting off: Can't refresh pie chart on date range change

We might want to sort out the basics first then.
The simple select * example in your original post "doesn't work" for you unless you disable prepared statements?
What result do you get in both cases and what errors?

Okay, this is totally my fault. It does work :frowning_face:

Thanks very much. I'm not sure how I managed to miss that.