clean way to detect if current_query() is a prepared statement?

Question

Does anyone know a good way to detect if the result from current_query() is a prepared statement or not?

I seems that I can't simply use a string function because this would be an exampe for a prepared statement:

UPDATE table SET "x" = $1 WHERE "y" = $2 AND "z" = $3

But this would not:

UPDATE table SET "x" = '$1 + $2 = $3' WHERE "y"='$1' AND "z" = 1

Is there maybe another function I can use together with / instead of current_query() or do you have any other ideas?

Answer 1

You may be able to detect if current_query() is a prepared statement by looking for \\$[[:digit:]] after stripping the text of all strings. The following query would do, however it may fail in cases of intricate quote nesting:

with 
  queries(curr_query) as (
       values ($$UPDATE table SET "x" = '$1||''a'' + $2 = $3' WHERE "y"='$1' AND "z" = 1$$),
              ($$UPDATE table SET "x" = $r1$a$r1$||$1 WHERE "y" = $2 AND "z" = $3||$r1$b$r1$ $$),
              ($$UPDATE table SET "x" = $1 WHERE "y" = $2 AND "z" = $3$$)
    ),
  stripped as (
    select *, 
       regexp_replace(
         regexp_replace(
           regexp_replace(curr_query, '(["'']).*?\1', '', 'g'),
           '\$([[:alpha:]]*?)\$.*?\$\1\$', '', 'g'),
         '\$([[:alpha:]][[:alnum:]]*?)\$.*?\$\1\$', '', 'g') as stripped_query
    from queries
    )
select *, stripped_query ~ '\$[[:digit:]]' AS is_prepared
from stripped