michael <michael@galton.ucl.ac.uk> writes:
> On Wed, 1 Feb 2006, Tom Lane wrote:
>> It's hardly a bug that you get a syntax error when $data contains
>> a single quote. It's up to you to construct a well-formed query
>> string to give to spi_exec_query, and this code is not doing that.
> As I understand it, the input strings are correctly escaped:
> INSERT INTO test VALUES ('No problem here');
> INSERT INTO test VALUES ('It''s a problem here');
> INSERT INTO test VALUES ('It\'s also a problem here');

Yeah, but by the time your trigger sees it, the data isn't escaped
anymore.

regards, tom lane
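
The point made in the reply above, as an added example that is not part of the original thread or the poster's code: a PL/Perl trigger that interpolates the row value into the query text beside one that passes it as a parameter. The `data` column, the `test_log` table and the function and trigger names are assumptions made for illustration.

```sql
-- Added illustration. Names other than "test" are hypothetical.
CREATE TABLE test     (data text);
CREATE TABLE test_log (data text);

-- Broken form: the escaping in the INSERT statement was consumed by the
-- SQL parser, so $data holds  It's a problem here  (one quote, no escape).
-- Interpolating it produces an unbalanced literal, and any SQL that
-- follows the quote in the value is parsed as part of the statement.
CREATE FUNCTION log_unsafe() RETURNS trigger AS $$
    my $data = $_TD->{new}{data};
    spi_exec_query("INSERT INTO test_log VALUES ('$data')");
    return;
$$ LANGUAGE plperl;

-- Corrected form: the value travels as a parameter and is never spliced
-- into the query text, so no re-escaping is needed.
CREATE FUNCTION log_safe() RETURNS trigger AS $$
    my $plan = spi_prepare('INSERT INTO test_log VALUES ($1)', 'text');
    spi_exec_prepared($plan, $_TD->{new}{data});
    spi_freeplan($plan);
    return;
$$ LANGUAGE plperl;

CREATE TRIGGER test_log_trg AFTER INSERT ON test
    FOR EACH ROW EXECUTE PROCEDURE log_safe();

-- The three statements from the thread. The third uses E'' so that the
-- backslash escape is accepted when standard_conforming_strings is on.
INSERT INTO test VALUES ('No problem here');
INSERT INTO test VALUES ('It''s a problem here');
INSERT INTO test VALUES (E'It\'s also a problem here');

-- With log_safe() attached, all three rows are copied intact.
SELECT data FROM test_log;
```

Swapping the trigger to `log_unsafe()` makes the second and third inserts fail with a syntax error raised from inside the trigger, which is the behaviour reported in the thread.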