Hi all, I've posted pgsql patch that adds pg_escape_literal()/pg_escape_identifier() which escapes SQL literal and idetifier. (i.e. table names, filed names, etc)
https://gist.github.com/1381181 When I post a patch while ago, someone mentioned about that pgsql module own escape implementation may not be needed. I'm OK with both with/without pgsql own escape implementation. I ported escaped function that handles multibyte string correctly, in case of libpq does not have it. i.e. PostgreSQL 8.4 or less. As far as I know, older PostgreSQL (at least 8.0 >) handles literal/identifier escape correctly. It seems trunk is open for new feature. I'll commit the patch as is if there is no objection. Any comments? -- Yasuo Ohgaki yohg...@ohgaki.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
