Обсуждение: PQescapeString
I'm using postgresql via libpq for a web based application. PQescapeString works as advertized, escaping special characters out of strings so they can be included in queries. However once I've inserted the escaped string into the database, there doesn't seem to be a reverse process to unescape the string. Is there a straightforward way to do it? For example I retrieve the following string from a web form: "This is a test of postgresql's escaping mechanism" Running it through PQescapeString produces: "This is a test of postgresql''s escaping mechanism" And I end up with a query string that looks like: INSERT INTO "some_table" (ttext) VALUES ('This is a test of postgresql''s escaping mechanism') Subsequently I do: SELECT ttext from "some_table"; This is a test of postgresql''s escaping mechanism Obviously I need to process this string to remove the escaping ' (and likely turn \\ into \ as well as other translations), but I don't see any mechanism to do it. Mark Thomas --- thomas@pbegames.com ----> http://www.pbegames.com/~thomas Play by Electron Games -> http://www.pbegames.com Free Trial Games
Mark Thomas <thomas@pbegames.com> writes: > ... I end up with a query string that looks like: > INSERT INTO "some_table" (ttext) > VALUES ('This is a test of postgresql''s escaping mechanism') That should result in inserting This is a test of postgresql's escaping mechanism > Subsequently I do: > SELECT ttext from "some_table"; > This is a test of postgresql''s escaping mechanism This is hard to believe. The returned string shouldn't have the doubled quote. You're going to have to give more details about what you're doing. regards, tom lane
At 11:36 AM 6/8/02 -0400, Tom Lane wrote: >Mark Thomas <thomas@pbegames.com> writes: > > ... I end up with a query string that looks like: > > INSERT INTO "some_table" (ttext) > > VALUES ('This is a test of postgresql''s escaping mechanism') > >That should result in inserting > > This is a test of postgresql's escaping mechanism > > > Subsequently I do: > > > SELECT ttext from "some_table"; > > > This is a test of postgresql''s escaping mechanism > >This is hard to believe. The returned string shouldn't have the >doubled quote. You're going to have to give more details about >what you're doing. The technical term is 'being stupid' :( I was being a bit too careful about my string cleaning and invoking PQescapeString twice, which explains the results I was seeing perfectly. Thanks for the answer. Mark Thomas --- thomas@pbegames.com ----> http://www.pbegames.com/~thomas Play by Electron Games -> http://www.pbegames.com Free Trial Games