From: | golliher(at)coe(dot)uga(dot)edu |
---|---|
To: | pgsql-hackers(at)postgreSQL(dot)org |
Subject: | Quoting backticks |
Date: | 1999-04-26 18:39:02 |
Message-ID: | m3aevv2pmh.fsf@ent.coe.uga.edu |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
I can not manage to get strings with backtick characters into a
postgres database using the DBD:Pg module. I've tried using the
built in quote method and escaping the backticks with a
regex.. still no joy.
Am I missing something? Is this a bug? Is it with DBD:Pg, DBI or
Postgres itself?
Code snippet follows.. all replies appreciated.
-darrell golliher
This is an except from a CGI program. If one of the form parameters
contains a backtick, then the update fails. Otherwise updates are
successful. Since everybody hitting my application wants to type
contractions like "can't", " won't", and "shouldn't" the script fails
a lot. :(
my $hacks = $hackday_dbh->quote(param('hacks'));
my $schedule = $hackday_dbh->quote(param('schedule'));
$schedule =~ s/'/\'/g;
my $stuff = $hackday_dbh->quote(param('stuff'));
my $shout = $hackday_dbh->quote(param('shout'));
my $attending = $hackday_dbh->quote(param('attending'));
my %cookiedata = cookie('coewos');
my $userid = $cookiedata{'userid'};
my $query = "update data SET shout='$shout',hacks='$hacks',schedule='$schedule',attending='$attending',stuff='$stuff' where email ~* '$userid'";
my $sth = $hackday_dbh->prepare($query);
$sth->execute;
From | Date | Subject | |
---|---|---|---|
Next Message | Michael Lausch | 1999-04-26 18:40:00 | Re: [HACKERS] Re: CORBA again. (was: light dawns: serious bug in FE/BE protocol handling) |
Previous Message | Taral | 1999-04-26 18:25:07 | Re: [HACKERS] Re: CORBA again. (was: light dawns: serious bug in FE/BE protocol handling) |