The back slash on insert is just escaping the character so Postgres will
not throw errors when adding ' or any other specialized charachters into
the database.
If you want the backslashes to be in the record you have to double escape
them as shown below.
HTH
Darren
oss=> create table test (id varchar(64) not null);
CREATE TABLE
oss=> insert into test values ('darren\'s');
INSERT 9648444 1
oss=> select * from test;
id
----------
darren's
(1 row)
oss=> insert into test values ('darren\\\'s');
INSERT 9648445 1
oss=> select * from test;
id
-----------
darren's
darren\'s
(2 rows)
On Thu, 20 Mar 2003, Dennis Gearon wrote:
> I have a varchar that is 64 wide. I prescape stuff like the '-'
> character to prevent SQL injection.
>
> Here is the EXACT field value that I inserted recently,for a test. It
> comes to approx 100 chars.
>
> '\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1\-1'::varchar,
>
> I insert that and get:
>
> NO ERROR
>
> When I look at the record in phpPgAdmin, the slashes don't show up in
> the record.
>
> So, do they make it to the record, anyone know? What do I have to do for
> the PostgreSQL engine to prevent '--' character from ending a line in a
> a string? Or in general, get the backslashes in the record?
>
>
>
>
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 6: Have you searched our list archives?
>
> http://archives.postgresql.org
>
--
Darren Ferguson
