"Michael Lush" <michael@galton.ucl.ac.uk> writes:
> CREATE OR REPLACE FUNCTION quote_bug(text) RETURNS text AS
> $$
> $data = $_[0];
> $sql = "SELECT *
> FROM test
> WHERE foo = '$data'";
> $rv_unique = spi_exec_query($sql);
It's hardly a bug that you get a syntax error when $data contains
a single quote. It's up to you to construct a well-formed query
string to give to spi_exec_query, and this code is not doing that.
regards, tom lane