Escape handling in strings

Started by Bruce Momjianover 20 years ago7 messages

pgman@candle.pha.pa.us

over 20 years ago

[ BCC to general. ]

I have received very few replies to my suggestion that we implement E''
for escaped strings, so eventually, after a few major releases, we can
have '' treat backslashes literally like the SQL standard requires.

I assume this is because most people say, "yea, it is going to be a pain,
and yea, we should probably do it".

A summary of the plan is at:

http://candle.pha.pa.us/cgi-bin/pgescape

Therefore, I will soon apply the escape patch at:

ftp://candle.pha.pa.us/pub/postgresql/mypatches/escape

I will also backpatch the E'' syntax and read-only GUC variables to
earlier releases.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

Oliver Jowett

oliver@opencloud.com

over 20 years ago

In reply to: Bruce Momjian (#1)

Re: Escape handling in strings

Bruce Momjian wrote:

I have received very few replies to my suggestion that we implement E''
for escaped strings, so eventually, after a few major releases, we can
have '' treat backslashes literally like the SQL standard requires.

Just checking: with this plan, a client needs to know what server
version is in use to correctly escape strings, correct? That is, there
is no escape mechanism that works correctly for both "old" and "new"
servers?

-O

Tom Lane

tgl@sss.pgh.pa.us

over 20 years ago

In reply to: Oliver Jowett (#2)

Re: Escape handling in strings

Oliver Jowett <oliver@opencloud.com> writes:

Bruce Momjian wrote:

I have received very few replies to my suggestion that we implement E''
for escaped strings, so eventually, after a few major releases, we can
have '' treat backslashes literally like the SQL standard requires.

Just checking: with this plan, a client needs to know what server
version is in use to correctly escape strings, correct? That is, there
is no escape mechanism that works correctly for both "old" and "new"
servers?

When the change happens, yes, it will be non compatible. I don't
recommend thinking of it as a "server version" check though --- we
will put in a read-only GUC variable (like the one for integer
datetimes) and you can check it through the parameter reporting
mechanism.

regards, tom lane

AgentM

agentm@themactionfaction.com

over 20 years ago

In reply to: Oliver Jowett (#2)

Re: Escape handling in strings

What I am really hoping for is that PQexecParams() [in later versions
of libpq] can figure it out for itself so client code doesn't need
fixing. That is the plan, right?

On Jun 20, 2005, at 11:57 PM, Oliver Jowett wrote:

Bruce Momjian wrote:

I have received very few replies to my suggestion that we
implement E''
for escaped strings, so eventually, after a few major releases, we
can
have '' treat backslashes literally like the SQL standard requires.

Just checking: with this plan, a client needs to know what server
version is in use to correctly escape strings, correct? That is, there
is no escape mechanism that works correctly for both "old" and "new"
servers?

|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-
AgentM
agentm@themactionfaction.com
|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-

Karl O. Pinc

kop@meme.com

over 20 years ago

In reply to: Bruce Momjian (#1)

Re: [GENERAL] Escape handling in strings

FYI

On 06/20/2005 11:12:20 PM, Bruce Momjian wrote:

[ BCC to general. ]

I have received very few replies to my suggestion that we implement
E''
for escaped strings, so eventually, after a few major releases, we can
have '' treat backslashes literally like the SQL standard requires.

I assume this is because most people say, "yea, it is going to be a
pain,
and yea, we should probably do it".

A summary of the plan is at:

http://candle.pha.pa.us/cgi-bin/pgescape

To my mind your recommendation for 8.3
8.3 - Have non-'E' strings treat backslashes literally.
would require a major version change, to 9.0 instead of
8.3, as it breaks forward and backward compatability.

But that's just the way I see version numbering working,
not necessarly how postgresql does it.

Karl <kop@meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein

Tom Lane

tgl@sss.pgh.pa.us

over 20 years ago

In reply to: AgentM (#4)

Re: Escape handling in strings

AgentM <agentm@themactionfaction.com> writes:

What I am really hoping for is that PQexecParams() [in later versions
of libpq] can figure it out for itself so client code doesn't need
fixing. That is the plan, right?

Out-of-line parameters are not an issue at all --- only string literals
embedded in the SQL query.

regards, tom lane

Bruce Momjian

pgman@candle.pha.pa.us

over 20 years ago

In reply to: Tom Lane (#3)

Re: Escape handling in strings

Tom Lane wrote:

Oliver Jowett <oliver@opencloud.com> writes:

Bruce Momjian wrote:

I have received very few replies to my suggestion that we implement E''
for escaped strings, so eventually, after a few major releases, we can
have '' treat backslashes literally like the SQL standard requires.

Just checking: with this plan, a client needs to know what server
version is in use to correctly escape strings, correct? That is, there
is no escape mechanism that works correctly for both "old" and "new"
servers?

When the change happens, yes, it will be non compatible. I don't
recommend thinking of it as a "server version" check though --- we
will put in a read-only GUC variable (like the one for integer
datetimes) and you can check it through the parameter reporting
mechanism.

Right, the GUC read-only variables are already in the patch URL I
posted.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073