jelis=> \d country
                                     Table "public.country"
    Column     |          Type           |                      Modifiers
---------------+-------------------------+------------------------------------------------------
 id            | integer                 | not null default nextval('country_id_seq'::regclass)
 name          | character varying( 8192 ) | not null
 short_name    | character( 3 )            | not null
 shortest_name | character( 2 )            | not null
Indexes:
    "pk_country" PRIMARY KEY, btree (id)
    "country_uq_idx" UNIQUE, btree (name)

jelis=> select * from country limit  10 ;
 id  |                     name                     | short_name | shortest_name
-----+----------------------------------------------+------------+---------------
    4  | Afghanistan                                  | AFG        | AF
    8  | Albania, People's Socialist Republic of      | ALB        | AL
  12 | Algeria, People's Democratic Republic of     | DZA        | DZ
   16  | American Samoa                               | ASM        | AS
   20  | Andorra, Principality of                     | AND        | AD
   24  | Angola, Republic of                          | AGO        | AO
  660  | Anguilla                                     | AIA        | AI
   10  | Antarctica (the territory South of  60  deg S) | ATA        | AQ
   28  | Antigua and Barbuda                          | ATG        | AG
   32  | Argentina, Argentine Republic                | ARG        | AR
( 10  rows)

CREATE OR REPLACE FUNCTION sql_in(txt text) RETURNS SETOF RECORD AS
$$
    DECLARE
        rez RECORD;
    BEGIN
        FOR rez IN EXECUTE 'SELECT * FROM Country WHERE short_name =\'' || txt || '\''
        LOOP
            RETURN NEXT rez;
        END LOOP;
        RETURN;
    END;
$$ LANGUAGE 'plpgsql';

jelis=> select * from sql_in('AFG') as (id integer, name varchar( 8192 ), short_name char( 3 ), shrtest_name char( 2 ));
 id |    name     | short_name | shrtest_name
----+-------------+------------+--------------
   4  | Afghanistan | AFG        | AF
( 1  row)

jelis=> select * from sql_in('AFG\' OR id= \'20') as (id integer, name varchar( 8192 ), short_name char( 3 ), shrtest_name char( 2 ));
 id |           name           | short_name | shrtest_name
----+--------------------------+------------+--------------
   4  | Afghanistan              | AFG        | AF
  20  | Andorra, Principality of | AND        | AD
( 2  rows)

sprintf(sql,"SELECT p1 FROM t1 WHERE p2=%i",atoi(param));

sprintf(sql,"SELECT p1 FROM t1 WHERE p2=%i",atoi(param));

sprintf(sql,"SELECT * FROM my_funct(%i)",atoi(param));

sql_in('AFG\' OR id= \'20')

sql_in('AFG'' OR id= ''20')

sql_in('AFG'''' OR id= ''''20')