>>>function SQLString($s) {
>>> $s = str_replace("'", "\\s", $s)'
>>> $s = str_replace("\\", "\\\\", $s);
>>> return "'" . $s . "'";
>
>
> Have you looked at the function PQescapeString() in the libpq library?
> Using that would seem to be a simpler way of solving this problem.
If he's using PHP, he should be using the pg_escape_string() function.
Chris