At 01:20 PM 6/3/02 +0200, Zeugswetter Andreas SB SD wrote:
> > for two things, one for escaping single quotes and for escaping standard
> > C characters, like \n. While we can use the standard-supported '' to
> > insert single quotes, what should we do with \n? The problem is
> > switching to standard ANSI solution reduces our functionality.
>
>The problem imho is, that this (no doubt in many cases valuable)
>feature reduces the functionality from the ANSI SQL perspective.
>Consider a field that is supposed to store Windows filenames,
>nam_file='C:\node1\resend\b.dat' :-)
>
>Thus I think a GUC to turn off all escaping except '' would be valuable.
With current behaviour 'C:\node1\resend\b.dat' can be quoted as
'C:\\node1\\resend\\b.dat'
But for the ANSI standard how does one stuff \r\n\t and other control
characters into the database?
If there's no way other than actually sending the control characters then
that is a bad idea especially from a security viewpoint.
Cheerio,
Link.
