Skip site navigation (1) Skip section navigation (2)

Re: [ADMIN] Re:

From: Terry Mackintosh <terry(at)terrym(dot)com>
To: pgsql-admin(at)postgresql(dot)org
Subject: Re: [ADMIN] Re:
Date: 1998-12-01 00:56:27
Message-ID: Pine.LNX.3.95.981130195001.10959A-100000@terry1.acun.com (view raw or flat)
Thread:
Lists: pgsql-adminpgsql-interfaces
Hi Ken, Bill and all

Na!
First, as a web interface you should be using PHP 3.x, you are right?

OK, that said, do this:
$chktext = ereg_replace("'", "''", $chktext);

That will take every ' in the data, and replace it with '' (2 ') which is
how you escape a ' in PostgreSQL (and all SQL?).

Hope that helps, have a great day
Terry

On Mon, 30 Nov 1998, Bill Cunningham wrote:

> Ken Wills wrote:
> 
> > Hi!
> >
> > I have an annoying problem, that I just haven't been able to get around yet. When I parse the
> > input from a form and go to insert it eveything works fine as long as the user doesn't use
> > the ' character in the input. I've tried using qw{} and qq{}, which either don't interpolate
> > or give me errors. Anyone have any suggestions? Postgres 6.4, Apache 1.3, mod_perl 1.16.
> > The insert statement is below.
> >
> > my $query_string=qq{INSERT INTO CALLS (ca_service_id, ca_org_name, ca_phone_number, ca_status,
> > ca_product, ca_problem, ca_resolution, ca_contact_name, ca_assigned, ca_date) VALUES ('$service_id',
> > '$org_name', '$phone_number', '$status', '$product', '$problem', '$resolution', '$contact',
> > '$assigned', '$time_now')};
> >
> 
> I have the same problem with DB2. I encode the ' character as &39 or 0x39. Then on output I reparse the
> field and display the results. (I also encode the & character or whatever I use to delimit the
> character.)
> 
> 
> --
> Bill Cunningham
> Database Development Project Lead
> Bally Systems
> 
> 
> 
> 

Terry Mackintosh <terry(at)terrym(dot)com>          http://www.terrym.com
sysadmin/owner  Please! No MIME encoded or HTML mail, unless needed.

Proudly powered by R H Linux 4.2, Apache 1.3, PHP 3, PostgreSQL 6.4
-------------------------------------------------------------------
Success Is A Choice ... book by Rick Patino, get it, read it!


In response to

  • Re: at 1998-11-30 22:33:06 from Bill Cunningham

Responses

pgsql-admin by date

Next:From: The Hermit HackerDate: 1998-12-01 02:46:51
Subject: Re: [ADMIN] Re:
Previous:From: Bill CunninghamDate: 1998-11-30 22:33:06
Subject: Re:

pgsql-interfaces by date

Next:From: The Hermit HackerDate: 1998-12-01 02:46:51
Subject: Re: [ADMIN] Re:
Previous:From: Warren CraigDate: 1998-11-30 23:29:46
Subject: PostOBDC

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group