Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:56464 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 65563 invoked from network); 21 Nov 2011 22:42:15 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 21 Nov 2011 22:42:15 -0000 Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.213.42 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.213.42 mail-yw0-f42.google.com Received: from [209.85.213.42] ([209.85.213.42:62299] helo=mail-yw0-f42.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 3F/E3-29275-5C3DACE4 for ; Mon, 21 Nov 2011 17:42:13 -0500 Received: by ywm19 with SMTP id 19so5962196ywm.29 for ; Mon, 21 Nov 2011 14:42:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:from:date:x-google-sender-auth:message-id :subject:to:content-type; bh=hiKrO01vKhFISv1Lno4jGU1NMbRKSXk7mGbXGyxWD/Q=; b=rAeL9lKTNUdILglEXyhuYKde1hTEirJjgA5bvJqoiqkQcKIWhd4oLQIdugHCn/xPIT 7B0muQF3x8WHahJk5OT0bGdsZezi4vP51Mxcxspz5qmoNGfmkAwLkHQ/AbBeDYydKlH+ piMw7+6ld7wBmSO7uBfwFoBo21W7aHJo5RCVU= Received: by 10.236.192.233 with SMTP id i69mr23475756yhn.60.1321915330078; Mon, 21 Nov 2011 14:42:10 -0800 (PST) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.100.127.18 with HTTP; Mon, 21 Nov 2011 14:41:29 -0800 (PST) Date: Tue, 22 Nov 2011 07:41:29 +0900 X-Google-Sender-Auth: WElZKlGk51VQGvLmFKdl4OG7zqA Message-ID: To: internals@lists.php.net Content-Type: text/plain; charset=ISO-8859-1 Subject: pg_escape_literal(), pg_escape_identifier() patch From: yohgaki@ohgaki.net (Yasuo Ohgaki) Hi all, I've posted pgsql patch that adds pg_escape_literal()/pg_escape_identifier() which escapes SQL literal and idetifier. (i.e. table names, filed names, etc) https://gist.github.com/1381181 When I post a patch while ago, someone mentioned about that pgsql module own escape implementation may not be needed. I'm OK with both with/without pgsql own escape implementation. I ported escaped function that handles multibyte string correctly, in case of libpq does not have it. i.e. PostgreSQL 8.4 or less. As far as I know, older PostgreSQL (at least 8.0 >) handles literal/identifier escape correctly. It seems trunk is open for new feature. I'll commit the patch as is if there is no objection. Any comments? -- Yasuo Ohgaki yohgaki@ohgaki.net