I found a partial answer to this...it seems to be a bug in PQescapeString(). Turns out that if I do something with an insert using quotes for a varchar field, e.g.:I'm using a Redhat version of PostgreSQL 7.2.3 with the C API. Mostly things work right, but I need more debug output, as I have a query that works fine from psql, but fails with the C API (perhaps this is because I use PQescapeString). The only way to know there is an error is that the insert never happens, and that the system log reports a parse error at or near the first field of an insert. What I am wonder is (a) how to use the tty= in the string passed to PQconnectdb, and (b) a reference URL for what options are available in the options= part of the string parameters accepted by PQconnectdb. So far all I end up with if I try to name a file for tty= or a tty from /dev/ for tty= is a core dump.
D. Stimits
INSERT INTO foo VALUES ('bar')
...then it escapes this to:
INSERT INTO foo VALUES (''bar'')It doesn't like the pair of single quotes.
But I also can't do this, due to requirements of SQL syntax: INSERT INTO foo VALUES (bar)
How can I use PQescapeString() with input I would like to make somewhat safer via escaping? How would I use PQescapeString() without writing my own replacement that works with inserts?
D. Stimits
---------------------------(end of broadcast)--------------------------- TIP 9: the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
