Re: Escaping metacharacters - Mailing list pgsql-hackers

From Christopher Kings-Lynne
Subject Re: Escaping metacharacters
Date
Msg-id 40FB2319.7010209@familyhealth.com.au
Whole thread Raw
In response to Re: Escaping metacharacters  (Oliver Elphick <olly@lfix.co.uk>)
List pgsql-hackers
>>>function SQLString($s) {
>>>    $s = str_replace("'", "\\s", $s)'
>>>    $s = str_replace("\\", "\\\\", $s);
>>>    return "'" . $s . "'";
> 
> 
> Have you looked at the function PQescapeString() in the libpq library? 
> Using that would seem to be a simpler way of solving this problem.

If he's using PHP, he should be using the pg_escape_string() function.

Chris



pgsql-hackers by date:

Previous
From: Christopher Kings-Lynne
Date:
Subject: Re: Toward better documentation
Next
From: Andrew Dunstan
Date:
Subject: Re: Toward better documentation