Re: standard_conforming_strings and pg_escape_string()

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Conrad Lender <crlender(at)gmail(dot)com>
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: standard_conforming_strings and pg_escape_string()
Date: 2009-04-24 14:40:06
Message-ID: 24484.1240584006@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Conrad Lender <crlender(at)gmail(dot)com> writes:
> On 24/04/09 00:56, Tom Lane wrote:
>> The above cannot possibly work. pg_escape_string is generating what it
>> supposes to be a normal string literal, and then you are sticking an 'E'
>> on the front which changes the escaping rules. It is not the function's
>> fault that this fails.

> I'm afraid I don't understand why it fails (it appears to work, at
> least).

I should have said "it will fail when standard_conforming_strings is on".
pg_escape_string will see that, think that it shouldn't double
backslashes, and then when you stick E on the front, the result is
wrong. So what you have here is a time bomb.

> I have to enclose the result of pg_escape_string() in single
> quotes to get a string literal, and if I don't add the "E" in front, I
> see warnings in the server log about "nonstandard use of \\ in a string
> literal" (standard_conforming_strings is off, escape_string_warning is on).

> I could disable the warnings, of course, but I suppose they are there
> for a reason.

Well, they're there to get you to pay attention to this problem ;-).
You can get rid of the warnings by inverting either of those settings,
but as long as you leave them as they are, you're going to get chatter.

regards, tom lane

In response to

Browse pgsql-general by date

  From Date Subject
Next Message Joshua D. Drake 2009-04-24 15:03:14 Re: need help for PostgreSQL consistency check mechanism
Previous Message Tom Lane 2009-04-24 14:15:48 Re: update error