Am 24.02.2012 17:04, schrieb Ronan Dunklau:
On 24/02/2012 16:38, David Johnston wrote:
You could (should?) write the escaping routine on the server side in a
user-defined function:
WHERE some_col ~ ('^' || make_regexp_literal(user_submitted_stringliteral) ||
'\d*$')
I totally agree, but I hoped I could use an already existing function
without having to read the whole spec to figure what should and should
not be escaped.
Use the corresponding function of your programming language/framework of
choice. E.g. Python delivers this as re.escape().
--
--- Heiko.
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
