On Fri, Jan 21, 2022 at 11:32 AM Alanoly Andrews <alano...@invera.com> wrote:
> Thanks Adrian. I was aware of that. > > But...in the case of FT definition, the quotes are mandatory after > column_name in options. And it is a single quote. > Using an unqualified "quote" is this kind of discussion should be avoided. The option itself is just text. The system basically has two choices. Use the text as-is for the identifier, in which case the user would have to write '"NAME OF COLUMN"' (that's single-quote, double-quote, characters, double-quote, single-quote) or, as Adrian just said, take the input string and perform quoting on-the-fly into to turn it into a valid SQL identifier (which is what quote_ident(text) does). The later ends up being more user-friendly and prevents, however unlikely in this situation, SQL-injection problems. Since the second option preserves the supplied text as an explicit name it indeed must be exactly what is required and one cannot rely on case-folding behavior. This seems like something that should be, but is not, documented for that option. David J.
