"Michael Lush" <[EMAIL PROTECTED]> writes:
> CREATE OR REPLACE FUNCTION quote_bug(text) RETURNS text AS
> $$
> $data = $_[0];
> $sql = "SELECT *
> FROM test
> WHERE foo = '$data'";
> $rv_unique = spi_exec_query($sql);
It's hardly a bug that you get a syntax error when $data contains
a single quote. It's up to you to construct a well-formed query
string to give to spi_exec_query, and this code is not doing that.
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly
