standard_conforming_strings and pg_escape_string()

From: Conrad Lender <crlender(at)gmail(dot)com>
To: pgsql-general(at)postgresql(dot)org
Subject: standard_conforming_strings and pg_escape_string()
Date: 2009-04-23 19:33:11
Message-ID: 49F0C277.6020805@gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Hi.

I'm using PostgreSQL 8.3 with PHP's "pgsql" module (libpq 8.3.7). When
the server's standard_conforming_strings setting is off (this is
currently still the default, I believe), I use something like this to
escape strings:

if ($escWildcards) {
$str = strtr($str, array("%" => '\%', "_" => '\_'));
}
return "E'" . pg_escape_string($str) . "'";

I would like our database abstraction to be able to handle both settings
for standard_conforming_strings transparently, i.e. perform the escaping
according to the current DB server settings. Since pg_escape_string() is
aware of the current database connection, I had expected its behavior to
change accordingly:

no std strings:
x\y --> x\\y
with std strings:
x\y --> x\y

Unfortunately, this doesn't happen. Isn't pg_escape_string() the
preferred way to escape strings for PostgreSQL in PHP?

And finally, would it be safe to always use the E'\\' syntax, regardless
of how standard_conforming_strings is set on the server?

- Conrad

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Ben Welsh 2009-04-23 20:39:04 OperationalError: FATAL: could not open file <filename>: Too many open files in system
Previous Message Merlin Moncure 2009-04-23 19:21:03 Re: Dynamic SQL in Function