Regular expression character escape

From: Ronan Dunklau <rdunklau(at)gmail(dot)com>
To: pgsql-general(at)postgresql(dot)org
Subject: Regular expression character escape
Date: 2012-02-24 11:33:46
Message-ID: 4F47759A.2000508@gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Hello.

I'd like to perform a query using user-submitted input in a regular
expression.

Something along the lines of:

select some_col
from some_table
where some_col ~ ('^' || user_submitted_input || '\d*$')

This query is looking for every value matching the user submitted input
with optional trailing decimal characters.

My problem is: the user can break this using special regular expression
characters (ex: 'test(').

I'm looking for a way to escape regular expression characters from the
input (maybe a function already exists for that purpose?).

I could do it on the client side, but I'm not really sure how python and
postgresql flavors of regular expressions differ.

I've seen that the (?q) modifier is supported (treat the rest of the
regexp as normal characters), but unless I missed something it I can't
use it anywhere else than at the beginning of the regexp.

From the docs at
http://www.postgresql.org/docs/current/static/functions-matching.html:

"Embedded options take effect at the ) terminating the sequence. They
can appear only at the start of an ARE."

Any idea on how to achieve this ?

Thank you.

--
Ronan Dunklau

Responses

Browse pgsql-general by date

  From Date Subject
Next Message A B 2012-02-24 12:39:48 Configuring for very slow I/O
Previous Message Naoko Reeves 2012-02-24 11:01:24 invalid memory alloc request size 1765277700 Error Question