Re: How to quote in plpgsql function for Execute dynamic queries

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: paallen(at)attglobal(dot)net
Cc: pgsql-novice(at)postgresql(dot)org
Subject: Re: How to quote in plpgsql function for Execute dynamic queries
Date: 2001-08-18 14:51:07
Message-ID: 10960.998146267@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-novice

"Phillip J. Allen" <paallen(at)attglobal(dot)net> writes:
> dpsql := 'Select d.a_parm, d.f_parm, d.deltax, d.deltay FROM c_g_datum
> WHERE d.datum_id = ' || $1 || ';'; --this sql will only return 1 record

> So the real question is how do I formate the dpsql string.

You need to double or backslash-escape all those ' marks. Remember that
what you are writing is itself one big string literal --- that's how
CREATE FUNCTION sees it, anyway. The form depicted above is what you
want the value of the string literal to be, after the string-literal
parser gets done with it. So, use '' or \' anywhere you need plpgsql
to see a '.

Somewhere there is a handy page that illustrates how many quote marks
to write in various complicated situations. I thought it was at
http://techdocs.postgresql.org/ but didn't have much luck finding it.
Anyone remember what I'm thinking of?

regards, tom lane

In response to

Browse pgsql-novice by date

  From Date Subject
Next Message booli2 2001-08-19 07:48:50 sequence properties
Previous Message Phillip J. Allen 2001-08-18 12:10:22 How to quote in plpgsql function for Execute dynamic queries