Quick Links

Re: Escaping metacharacters

From:	Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>
To:	olly(at)lfix(dot)co(dot)uk
Cc:	DarkSamurai <julio(at)invlaid(dot)linux(dot)net>, pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Escaping metacharacters
Date:	2004-07-19 01:25:45
Message-ID:	40FB2319.7010209@familyhealth.com.au
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

>>>function SQLString($s) {
>>> $s = str_replace("'", "\\s", $s)'
>>> $s = str_replace("\\", "\\\\", $s);
>>> return "'" . $s . "'";
>
>
> Have you looked at the function PQescapeString() in the libpq library?
> Using that would seem to be a simpler way of solving this problem.

If he's using PHP, he should be using the pg_escape_string() function.

Chris

In response to

Re: Escaping metacharacters at 2004-07-18 22:09:10 from Oliver Elphick

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Andrew Dunstan	2004-07-19 01:56:10	Re: Toward better documentation
Previous Message	Christopher Kings-Lynne	2004-07-19 01:24:55	Re: Toward better documentation