Thanks all for replying.
> > len =strlen(PQgetvalue(res, 0, i)) * 2 + 1; // <=========
> Why not using PQgetlength(res, 0, i)?
Actually I'm quite new to libPQ, that's why I didn't know there's a
PQgetlength function. :-)
> > PQescapeString(tmp2, PQgetvalue(res, 0, i), len); // <=========
> One last question:
> Why are you using PQescapeString on PQgetvalue?
>
> The doc says:
> If you want to include strings that have been received from a source
> that is not trustworthy (for example, because a random user entered
> them), you cannot directly include them in SQL queries for security
> reasons. Instead, you have to quote special characters that are
> otherwise interpreted by the SQL parser.
hmm.., I did this on purpose. Because I want to grab SQL commands
I previously stored in a table from one database, then reformat them
and store them into another database.
E.g. the reformatted string looks like:
INSERT INTO tableOnAnotherDB(sqlCMD) values('delete from test where
name=''\\\\''');
I'm trying to implement a scale-down'ed version of synchronous
replication, only limited to replicating between two databases.
And this C program is responsible for synchronizing the two
databases and keep them consistent, in case one of them failed
and is up again later and other cases. (checking who's master, and
who's slave, are they accepting requests etc, is done by the server
side stored functions. VB + ODBC + PL/PGSQL in backend)
Regards
Frankie Lam
