I'm using a Redhat version of PostgreSQL 7.2.3 with the C API. Mostly
things work right, but I need more debug output, as I have a query that
works fine from psql, but fails with the C API (perhaps this is because
I use PQescapeString). The only way to know there is an error is that
the insert never happens, and that the system log reports a parse error
at or near the first field of an insert. What I am wonder is (a) how to
use the tty= in the string passed to PQconnectdb, and (b) a reference
URL for what options are available in the options= part of the string
parameters accepted by PQconnectdb. So far all I end up with if I try to
name a file for tty= or a tty from /dev/ for tty= is a core dump.
D. Stimits
---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faqs/FAQ.html 8  3953 
D. Stimits wrote: I'm using a Redhat version of PostgreSQL 7.2.3 with the C API. Mostly
things work right, but I need more debug output, as I have a query that
works fine from psql, but fails with the C API (perhaps this is because
I use PQescapeString). The only way to know there is an error is that
the insert never happens, and that the system log reports a parse error
at or near the first field of an insert. What I am wonder is (a) how to
use the tty= in the string passed to PQconnectdb, and (b) a reference
URL for what options are available in the options= part of the string
parameters accepted by PQconnectdb. So far all I end up with if I try to
name a file for tty= or a tty from /dev/ for tty= is a core dump.
D. Stimits
I found a partial answer to this...it seems to be a bug in
PQescapeString(). Turns out that if I do something with an insert using
quotes for a varchar field, e.g.:
INSERT INTO foo VALUES ('bar')
....then it escapes this to:
INSERT INTO foo VALUES (''bar'')
It doesn't like the pair of single quotes.
But I also can't do this, due to requirements of SQL syntax:
INSERT INTO foo VALUES (bar)
How can I use PQescapeString() with input I would like to make somewhat
safer via escaping? How would I use PQescapeString() without writing my
own replacement that works with inserts?
D. Stimits
---------------------------(end of broadcast)---------------------------
TIP 9: the planner will ignore your desire to choose an index scan if your
joining column's datatypes do not match
On Wednesday 10 September 2003 18:47, D. Stimits wrote:
I found a partial answer to this...it seems to be a bug in
PQescapeString(). Turns out that if I do something with an insert using
quotes for a varchar field, e.g.:
INSERT INTO foo VALUES ('bar')
...then it escapes this to:
INSERT INTO foo VALUES (''bar'')
It doesn't like the pair of single quotes.
But I also can't do this, due to requirements of SQL syntax:
INSERT INTO foo VALUES (bar)
How can I use PQescapeString() with input I would like to make somewhat
safer via escaping? How would I use PQescapeString() without writing my
own replacement that works with inserts?
I think the idea is to escape just the parameters to the SQL statement. So
(not in C syntax):
query = "INSERT INTO foo values ('" + PQescapeString("O'Neill") + "')"
This will double the single-quote in O'Neill.
I tend to use higher-level languages where this sort of thing is handled by
functions in e.g. Perl's DBI layer. If there isn't a suitable interface layer
available, you could write your own that does something like:
query = build_sql("INSERT INTO foo values (?,'?')", 1, "fred");
I can't believe there isn't something like this available though.
--
Richard Huxton
Archonet Ltd
---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings
On Wed, 10 Sep 2003, D. Stimits wrote: D. Stimits wrote:
I'm using a Redhat version of PostgreSQL 7.2.3 with the C API. Mostly
things work right, but I need more debug output, as I have a query that
works fine from psql, but fails with the C API (perhaps this is because
I use PQescapeString). The only way to know there is an error is that
the insert never happens, and that the system log reports a parse error
at or near the first field of an insert. What I am wonder is (a) how to
use the tty= in the string passed to PQconnectdb, and (b) a reference
URL for what options are available in the options= part of the string
parameters accepted by PQconnectdb. So far all I end up with if I try to
name a file for tty= or a tty from /dev/ for tty= is a core dump.
D. Stimits
I found a partial answer to this...it seems to be a bug in
PQescapeString(). Turns out that if I do something with an insert using
quotes for a varchar field, e.g.:
INSERT INTO foo VALUES ('bar')
...then it escapes this to:
INSERT INTO foo VALUES (''bar'')
I don't think you're using it correctly...
"PQescapeString escapes a string for use within an SQL commmand."
....
"The single quotes that must surround PostgreSQL string literals are not
included in the result string; they should be provided in the SQL
command that the result is inserted into."
The intent is not for PQescapeString to take a query string, but a
string for use within a query string (for example, the literal bar in the
above).
---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to ma*******@postgresql.org so that your
message can get through to the mailing list cleanly
D. Stimits wrote: I'm using a Redhat version of PostgreSQL 7.2.3 with the C API. Mostly
things work right, but I need more debug output, as I have a query that
works fine from psql, but fails with the C API (perhaps this is because
I use PQescapeString). The only way to know there is an error is that
the insert never happens, and that the system log reports a parse error
at or near the first field of an insert. What I am wonder is (a) how to
use the tty= in the string passed to PQconnectdb, and (b) a reference
URL for what options are available in the options= part of the string
parameters accepted by PQconnectdb. So far all I end up with if I try to
name a file for tty= or a tty from /dev/ for tty= is a core dump.
D. Stimits
I found a partial answer to this...it seems to be a bug in
PQescapeString(). Turns out that if I do something with an insert using
quotes for a varchar field, e.g.:
INSERT INTO foo VALUES ('bar')
....then it escapes this to:
INSERT INTO foo VALUES (''bar'')
It doesn't like the pair of single quotes.
But I also can't do this, due to requirements of SQL syntax:
INSERT INTO foo VALUES (bar)
How can I use PQescapeString() with input I would like to make somewhat
safer via escaping? How would I use PQescapeString() without writing my
own replacement that works with inserts?
D. Stimits
---------------------------(end of broadcast)---------------------------
TIP 9: the planner will ignore your desire to choose an index scan if your
joining column's datatypes do not match
On Wednesday 10 September 2003 18:47, D. Stimits wrote:
I found a partial answer to this...it seems to be a bug in
PQescapeString(). Turns out that if I do something with an insert using
quotes for a varchar field, e.g.:
INSERT INTO foo VALUES ('bar')
...then it escapes this to:
INSERT INTO foo VALUES (''bar'')
It doesn't like the pair of single quotes.
But I also can't do this, due to requirements of SQL syntax:
INSERT INTO foo VALUES (bar)
How can I use PQescapeString() with input I would like to make somewhat
safer via escaping? How would I use PQescapeString() without writing my
own replacement that works with inserts?
I think the idea is to escape just the parameters to the SQL statement. So
(not in C syntax):
query = "INSERT INTO foo values ('" + PQescapeString("O'Neill") + "')"
This will double the single-quote in O'Neill.
I tend to use higher-level languages where this sort of thing is handled by
functions in e.g. Perl's DBI layer. If there isn't a suitable interface layer
available, you could write your own that does something like:
query = build_sql("INSERT INTO foo values (?,'?')", 1, "fred");
I can't believe there isn't something like this available though.
--
Richard Huxton
Archonet Ltd
---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings
On Wed, 10 Sep 2003, D. Stimits wrote: D. Stimits wrote:
I'm using a Redhat version of PostgreSQL 7.2.3 with the C API. Mostly
things work right, but I need more debug output, as I have a query that
works fine from psql, but fails with the C API (perhaps this is because
I use PQescapeString). The only way to know there is an error is that
the insert never happens, and that the system log reports a parse error
at or near the first field of an insert. What I am wonder is (a) how to
use the tty= in the string passed to PQconnectdb, and (b) a reference
URL for what options are available in the options= part of the string
parameters accepted by PQconnectdb. So far all I end up with if I try to
name a file for tty= or a tty from /dev/ for tty= is a core dump.
D. Stimits
I found a partial answer to this...it seems to be a bug in
PQescapeString(). Turns out that if I do something with an insert using
quotes for a varchar field, e.g.:
INSERT INTO foo VALUES ('bar')
...then it escapes this to:
INSERT INTO foo VALUES (''bar'')
I don't think you're using it correctly...
"PQescapeString escapes a string for use within an SQL commmand."
....
"The single quotes that must surround PostgreSQL string literals are not
included in the result string; they should be provided in the SQL
command that the result is inserted into."
The intent is not for PQescapeString to take a query string, but a
string for use within a query string (for example, the literal bar in the
above).
---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to ma*******@postgresql.org so that your
message can get through to the mailing list cleanly
"D. Stimits" <st*****@comcast.net> writes: What I am wonder is (a) how to
use the tty= in the string passed to PQconnectdb, and (b) a reference
URL for what options are available in the options= part of the string
parameters accepted by PQconnectdb.
tty= is a dead option; it was disabled years ago on security grounds.
I'd suggest enabling query logging so you can see in the postmaster log
exactly what query string got sent by your application. The options=
string is included in the command line options for the "postgres"
backend process --- the useful part of this is
-c parametervariable=value
which is pretty nearly equivalent to doing a SET parametervariable=value
after connecting.
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postgresql.org
"D. Stimits" <st*****@comcast.net> writes: What I am wonder is (a) how to
use the tty= in the string passed to PQconnectdb, and (b) a reference
URL for what options are available in the options= part of the string
parameters accepted by PQconnectdb.
tty= is a dead option; it was disabled years ago on security grounds.
I'd suggest enabling query logging so you can see in the postmaster log
exactly what query string got sent by your application. The options=
string is included in the command line options for the "postgres"
backend process --- the useful part of this is
-c parametervariable=value
which is pretty nearly equivalent to doing a SET parametervariable=value
after connecting.
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postgresql.org This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Kevin Lyons |
last post by:
Hello,
I am trying to get my select options (courses) passed correctly from
the following URL: http://www.dslextreme.com/users/kevinlyons/selectBoxes.html
I am having difficulty getting the...
|
by: Hal Vaughan |
last post by:
I have a sample script from a book ("Beginning JavaScript" by Paul Wilton)
that removes or adds a choice to a <SELECT> element. The <FORM> is form1
and the <SELECT> is theDay. The example uses...
|
by: D. Stimits |
last post by:
I'm using a Redhat version of PostgreSQL 7.2.3 with the C API. Mostly
things work right, but I need more debug output, as I have a query that
works fine from psql, but fails with the C API (perhaps...
|
by: Gregc. |
last post by:
Hi
Is this correct to clear select items?
function(sel){
var selected = sel.options.text;
var name=sel.name;
(i=1; i<sel.length=0,i++){
sel.options.length=0;}
|
by: Beholder |
last post by:
I hope that someone can help me with the following:
Short background explenation:
I have a shrfepoint page (newform.aspx) in a item list. On this page is
a lookup column that displays a lookup...
|
by: chunk1978 |
last post by:
hello.
so i have 2 select menus which add and remove options from a 3rd select menu... it seems, however, that it's not possible to use different select menus to toggle a 3rd, because when an...
|
by: madflytom |
last post by:
Hello,
I'm trying to move the options of one select list to another select list. The "source" select list is divided into optgroups, and the "target" select list is not. I want to somehow keep...
|
by: madflytom |
last post by:
Hello again all. I posted a question last night about dealing with <optgroups> in select boxes. We've changed directions, and now I need a little more help.
Here's the scenario: Two select...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: ryjfgjl |
last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
| | |
