diff --git a/doc/TODO b/doc/TODO
index 398969582147659f76844e67a2182f92ba307211..8d290b33251b841cab552e2422fa4afe46af4e42 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -2,7 +2,7 @@
PostgreSQL TODO List
====================
Current maintainer: Bruce Momjian (bruce@momjian.us)
-Last updated: Thu Mar 29 17:44:34 EDT 2007
+Last updated: Mon Apr 2 13:15:24 EDT 2007
The most recent version of this document can be viewed at
http://www.postgresql.org/docs/faqs.TODO.html.
@@ -906,6 +906,9 @@ Clients
http://archives.postgresql.org/pgsql-hackers/2007-01/msg00184.php
+ o Add PQexecf() that allows complex parameter substitution
+
+ http://archives.postgresql.org/pgsql-hackers/2007-03/msg01803.php
Triggers
========
diff --git a/doc/src/FAQ/TODO.html b/doc/src/FAQ/TODO.html
index 5fc878a5f1a0b0726f95f0ecc3eb5dfd75e1787f..fa54368cf5e75911389bd665398ffae98017eaf3 100644
--- a/doc/src/FAQ/TODO.html
+++ b/doc/src/FAQ/TODO.html
@@ -8,7 +8,7 @@
<body bgcolor="#FFFFFF" text="#000000" link="#FF0000" vlink="#A00000" alink="#0000FF">
<h1><a name="section_1">PostgreSQL TODO List</a></h1>
<p>Current maintainer: Bruce Momjian (<a href="mailto:bruce@momjian.us">bruce@momjian.us</a>)<br/>
-Last updated: Thu Mar 29 17:44:34 EDT 2007
+Last updated: Mon Apr 2 13:15:24 EDT 2007
</p>
<p>The most recent version of this document can be viewed at<br/>
<a href="http://www.postgresql.org/docs/faqs.TODO.html">http://www.postgresql.org/docs/faqs.TODO.html</a>.
@@ -808,6 +808,9 @@ first. There is also a developer's wiki at<br/>
</li><li>Consider disallowing multiple queries in PQexec() as an
additional barrier to SQL injection attacks
<p> <a href="http://archives.postgresql.org/pgsql-hackers/2007-01/msg00184.php">http://archives.postgresql.org/pgsql-hackers/2007-01/msg00184.php</a>
+</p>
+ </li><li>Add PQexecf() that allows complex parameter substitution
+<p> <a href="http://archives.postgresql.org/pgsql-hackers/2007-03/msg01803.php">http://archives.postgresql.org/pgsql-hackers/2007-03/msg01803.php</a>
</p>
</li></ul>
</p></ul>