Re: How to escape to quotes on Insert into?
| От | Andre Lopes |
|---|---|
| Тема | Re: How to escape to quotes on Insert into? |
| Дата | |
| Msg-id | CAGFRAbNLH24tzb31YOQO_3ELPesGGb96qL9pY0W-wJYDAF9naQ@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: How to escape to quotes on Insert into? (Bill Moran <wmoran@potentialtech.com>) |
| Список | pgsql-general |
Thanks for your help. It is working. Best Regards, On Wed, Dec 21, 2011 at 9:04 PM, Bill Moran <wmoran@potentialtech.com> wrote: > In response to Andre Lopes <lopes80andre@gmail.com>: > >> Hi, >> >> I need to escape quotes on an insert into that have a quote like this: >> >> http://host.com/cond'nast >> >> How can I escape " ' " on an insert into? > > It depends: > > The best way is to pass the string as a parametrized query, then you don't > have to escape anything. > > The second best way is to use the string escape function for whatever > language your programming in. > > If you don't have either of those available, you should reconsider your > choice of language/client library, as writing your own escape functions is > bad news. > > If you're forced to write the raw SQL statements for some reason, you > escape ' with a second ', so: > INSERT INTO tablename (colname) VALUES ('http://host.com/cond''nast'); > > -- > Bill Moran > http://www.potentialtech.com > http://people.collaborativefusion.com/~wmoran/ > > -- > Sent via pgsql-general mailing list (pgsql-general@postgresql.org) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-general
В списке pgsql-general по дате отправления: