Re: Re: Escaping strings for inclusion into SQL queries

Поиск
Список
Период
Сортировка
От Florian Weimer
Тема Re: Re: Escaping strings for inclusion into SQL queries
Дата
Msg-id tgg0aio7jy.fsf@mercury.rus.uni-stuttgart.de
обсуждение исходный текст
Ответ на Re: Escaping strings for inclusion into SQL queries  (Christopher Masto <chris@netmonger.net>)
Ответы Re: Re: Escaping strings for inclusion into SQL queries  (Peter Eisentraut <peter_e@gmx.net>)
Список pgsql-hackers
Дерево обсуждения 
Christopher Masto <chris@netmonger.net> writes:

> I only have one issue - the SQL standard seems to support the use
> of '' to escape a single quote, but not \'.  Though PostgreSQL has
> an extended notion of character string literals, I think that the
> usual policy of using the standard interface when possible should
> apply.

The first version escaped ' with ''.  I changed it when I noticed that
if \' is used instead, the same function can be used for strings
('...') and identifiers ("...").

In addition, you have to replace \ with \\, so you are forced
to leave the grounds of the standard anyway.

-- 
Florian Weimer                       Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Ned Wolpert
Дата:
Сообщение: Re: [JDBC] New backend functions? [was Re: JDBC changes for 7.2.
Следующее
От: Bruce Momjian
Дата:
Сообщение: Re: Remove --enable-syslog?