michael <[EMAIL PROTECTED]> writes:
> On Wed, 1 Feb 2006, Tom Lane wrote:
>> It's hardly a bug that you get a syntax error when $data contains
>> a single quote. It's up to you to construct a well-formed query
>> string to give to spi_exec_query, and this code is not doing that.
> As I understand it the input strings are correctly escaped
> INSERT INTO test VALUES ('No problem here');
> INSERT INTO test VALUES ('It''s a problem here');
> INSERT INTO test VALUES ('It\'s also a problem here');
Yeah, but by the time your trigger sees it, the data isn't escaped
anymore.
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 6: explain analyze is your friend
