On Wed, 2003-06-25 at 15:25, Joe Conway wrote:
> Stephen Robert Norris wrote:
> > Ah, yes. I remember that page. The funny thing about it is that it
> > doesn't actually say which strings _have_ to be escaped, just gives some
> > examples...
>
> "When entering bytea values, octets of certain values must be escaped
> (but all octet values may be escaped) when used as part of a string
> literal in an SQL statement. In general, to escape an octet, it is
> converted into the three-digit octal number equivalent of its decimal
> octet value, and preceded by two backslashes. Some octet values have
> alternate escape sequences, as shown in Table 5-7."
>
> I guess it could be more clear, but this paragraph refers to values
> which must be escaped on input, and table 5-7 shows them. So they are
> the examples of the values that must be escaped ;-)
Well, no. What it says is that certain values must be escaped (but
doesn't say which ones). Then it says there are alternate escape
sequences for some values, which it lists.
It doesn't say "The following table contains the characters which must
be escaped:", which would be much clearer (and actually useful).
Stephen
--
Stephen Robert Norris <srn@commsecure.com.au>
CommSecure Australia Pty Ltd
