Re: [INTERFACES] escaping characters ...

What about: % and ? for like clauses... I think the function in question
would be a handy option though. I almost always implement one of these
methods in the application code.


Regards,
Joe Shevland

----- Original Message -----
From: "Tom Lane" <tgl@sss.pgh.pa.us>
To: "The Hermit Hacker" <scrappy@hub.org>
Cc: <pgsql-interfaces@postgreSQL.org>
Sent: Tuesday, January 04, 2000 10:12 AM
Subject: Re: [INTERFACES] escaping characters ...


> The Hermit Hacker <scrappy@hub.org> writes:
> > MySQl has 'mysql_escape_string' in it's client library. Does Pg have
> > something like that?
>
> libpq doesn't provide any such function --- perhaps it should, but
> on the other hand the amount of code involved is pretty tiny, and
> issues like memory allocation/freeing would complicate the definition
> of the function.
>
> > if not, what should be escaped?
>
> When generating quoted strings for use in SQL commands, you should
> prefix single-quote (') and backslash (\) characters with a backslash.
> I think that's all.
>
> COPY IN/OUT data has a different set of rules.  There, you can but
> don't have to backslash single quotes.  You do need to convert returns
> and tabs into \n and \t, and of course backslash itself must be doubled.
> (If you are using some other character than tab as the field delimiter,
> then it'd need backslashing instead.)
>
> Data returned by libpq after a SELECT is not quoted at all.
>
> regards, tom lane
>
> ************
>