Thread: How to insert apostrophied names into postgres
e.g. Peter's

if one passes the name to an sql in code it ends up looking like:

insert into whatevertable (name) values('Peter's');

and bombs.

Any suggestions appreciated.

Richard
> if one passes the name to an sql in code it ends up looking like:
>
> insert into whatevertable (name) values('Peter's');
>
> and bombs.

You need to use the Escape Character, by default a backslash (\). For example:

INSERT INTO whatevertable(name) VALUES('Peter\'s');
http://www.postgresql.org/docs/8.3/interactive/sql-syntax-lexical.html#SQL-SYNTAX-CONSTANTS

Either of:

* double the quote (e.g. 'Peter''s')
* use backslash escape (e.g. E'Peter\'s', note the "E" prefix that means the string is an escape string)
* use $-quoting (e.g. $x$Peter's$x$)
* if you are working with some external interfaces, use the appropriate escaping function they provide (for instance in libpq: PQescapeStringConn - http://www.postgresql.org/docs/8.3/interactive/libpq-exec.html#LIBPQ-EXEC-ESCAPE-STRING, PHP: pg-escape-string - http://ru2.php.net/manual/en/function.pg-escape-string.php)
* use PQexecParams (http://www.postgresql.org/docs/8.3/interactive/libpq-exec.html) or its wrappers (as pg_exec_params in PHP)
* use prepared statements: http://www.postgresql.org/docs/8.3/interactive/sql-prepare.html or PQprepare - http://www.postgresql.org/docs/8.3/interactive/libpq-exec.html#LIBPQ-EXEC-MAIN
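
The three literal forms listed above, written out as an added example that is not part of the original posts: each quoting helper is paired with a small lexer that rejects any literal ending before its last character, which is the failure the unquoted 'Peter's' hits. The function names and sample values are made up for illustration, and the doubled-quote form assumes standard_conforming_strings = on.

```python
import re

def _text(value):
    if "\x00" in value:
        raise ValueError("PostgreSQL text values cannot contain NUL")
    return value

def quote_doubled(value):
    # Assumes standard_conforming_strings = on (backslash is an ordinary character).
    return "'" + _text(value).replace("'", "''") + "'"

def quote_escape(value):
    # E'' form: the backslash itself must be escaped before the quote is.
    return "E'" + _text(value).replace("\\", "\\\\").replace("'", "\\'") + "'"

def quote_dollar(value, tag="x"):
    # Lengthen the tag until the first "$tag$" in value + "$tag$" is the real terminator.
    while (_text(value) + f"${tag}$").find(f"${tag}$") != len(value):
        tag += "x"
    return f"${tag}${value}${tag}$"

def unquote(lit):
    """Lex one literal; raise if it ends early, i.e. trailing text would run as SQL."""
    m = re.match(r"\$([A-Za-z_]\w*)?\$", lit)
    if m:
        end = lit.find(m.group(0), m.end())
        if end < 0 or end + len(m.group(0)) != len(lit):
            raise ValueError("dollar-quoted literal is unterminated or ends early")
        return lit[m.end():end]
    esc = lit.startswith("E'")
    if not esc and not lit.startswith("'"):
        raise ValueError("not a string literal")
    i, out = (2 if esc else 1), []
    while i < len(lit):
        if esc and lit[i] == "\\" and i + 1 < len(lit):
            out.append(lit[i + 1]); i += 2   # only \\ and \' are emitted above
        elif lit[i:i + 2] == "''":
            out.append("'"); i += 2
        elif lit[i] == "'":
            if i + 1 != len(lit):
                raise ValueError("literal ends early; the rest would be parsed as SQL")
            return "".join(out)
        else:
            out.append(lit[i]); i += 1
    raise ValueError("unterminated literal")

# Constructed sample values, including ones that defeat a fixed $x$ tag.
SAMPLES = ["Peter's", "D'Arcy O'Neil", "''", "pay $x$ now", "a$x", "C:\\dir\\"]

def round_trips():
    return all(unquote(q(v)) == v for v in SAMPLES
               for q in (quote_doubled, quote_escape, quote_dollar))
```

With PQexecParams or a prepared statement the value is sent separately from the SQL text and never passes through the lexer, so none of this quoting is needed.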