- unix:postgresql://hostname:port/dbname?options
+ unix:postgresql://localhost:port/dbname?options
- If you specify the connection target literally (that is, not
- through a variable reference) and you don't quote the value, then
- the case-insensitivity rules of normal SQL are applied. In that
- case you can also double-quote the individual parameters separately
- as needed. In practice, it is probably less error-prone to use a
- (single-quoted) string literal or a variable reference. The
- connection target DEFAULT initiates a connection
+ The connection target DEFAULT initiates a connection
to the default database under the default user name. No separate
user name or connection name can be specified in that case.
+ If you specify the connection target directly (that is, not as a string
+ literal or variable reference), then the components of the target are
+ passed through normal SQL parsing; this means that, for example,
+ the hostname must look like one or more SQL
+ identifiers separated by dots, and those identifiers will be
+ case-folded unless double-quoted. Values of
+ any options must be SQL identifiers,
+ integers, or variable references. Of course, you can put nearly
+ anything into an SQL identifier by double-quoting it.
+ In practice, it is probably less error-prone to use a (single-quoted)
+ string literal or a variable reference than to write the connection
+ target directly.
+
+
There are also different ways to specify the user name:
write & within a value.
+ Notice that when specifying a socket connection
+ (with the unix: prefix), the host name must be
+ exactly localhost. To select a non-default
+ socket directory, write the directory's pathname as the value of
+ a host option in
+ the options part of the target.
+
+
The connection-name is used to handle
multiple connections in one program. It can be omitted if a
chapter).
- If untrusted users have access to a database that has not adopted a
- secure schema usage pattern,
- begin each session by removing publicly-writable schemas
- from search_path. For example,
- add options=-c search_path=
- to options, or
- issue EXEC SQL SELECT pg_catalog.set_config('search_path', '',
- false); after connecting. This consideration is not specific to
- ECPG; it applies to every interface for executing arbitrary SQL commands.
-
-
Here are some examples of CONNECT statements:
-EXEC SQL CONNECT TO unix:postgresql://sql.mydomain.com/mydb AS myconnection USER john;
+EXEC SQL CONNECT TO tcp:postgresql://sql.mydomain.com/mydb AS myconnection USER john;
EXEC SQL BEGIN DECLARE SECTION;
EXEC SQL CONNECT TO :target USER :user USING :passwd;
/* or EXEC SQL CONNECT TO :target USER :user/:passwd; */
- The last form makes use of the variant referred to above as
- character variable reference. You will see in later sections how C
+ The last example makes use of the feature referred to above as
+ character variable references. You will see in later sections how C
variables can be used in SQL statements when you prefix them with a
colon.
example above to encapsulate the connection target string
somewhere.
+
+ If untrusted users have access to a database that has not adopted a
+ secure schema usage pattern,
+ begin each session by removing publicly-writable schemas
+ from search_path. For example,
+ add options=-c search_path=
+ to options, or
+ issue EXEC SQL SELECT pg_catalog.set_config('search_path', '',
+ false); after connecting. This consideration is not specific to
+ ECPG; it applies to every interface for executing arbitrary SQL commands.
+
/*------
* new style:
- * :postgresql://server[:port|:/unixsocket/path:]
- * [/db-name][?options]
+ * :postgresql://server[:port][/db-name][?options]
*------
*/
offset += strlen("postgresql://");
}
tmp = strrchr(dbname + offset, ':');
- if (tmp != NULL) /* port number or Unix socket path given */
+ if (tmp != NULL) /* port number given */
{
- char *tmp2;
-
*tmp = '\0';
- if ((tmp2 = strchr(tmp + 1, ':')) != NULL)
- {
- *tmp2 = '\0';
- host = ecpg_strdup(tmp + 1, lineno);
- connect_params++;
- if (strncmp(dbname, "unix:", 5) != 0)
- {
- ecpg_log("ECPGconnect: socketname %s given for TCP connection on line %d\n", host, lineno);
- ecpg_raise(lineno, ECPG_CONNECT, ECPG_SQLSTATE_SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, realname ? realname : ecpg_gettext(""));
- if (host)
- ecpg_free(host);
-
- /*
- * port not set yet if (port) ecpg_free(port);
- */
- if (options)
- ecpg_free(options);
- if (realname)
- ecpg_free(realname);
- if (dbname)
- ecpg_free(dbname);
- free(this);
- return false;
- }
- }
- else
- {
- port = ecpg_strdup(tmp + 1, lineno);
- connect_params++;
- }
+ port = ecpg_strdup(tmp + 1, lineno);
+ connect_params++;
}
if (strncmp(dbname, "unix:", 5) == 0)
{
- if (strcmp(dbname + offset, "localhost") != 0 && strcmp(dbname + offset, "127.0.0.1") != 0)
+ /*
+ * The alternative of using "127.0.0.1" here is deprecated
+ * and undocumented; we'll keep it for backward
+ * compatibility's sake, but not extend it to allow IPv6.
+ */
+ if (strcmp(dbname + offset, "localhost") != 0 &&
+ strcmp(dbname + offset, "127.0.0.1") != 0)
{
ecpg_log("ECPGconnect: non-localhost access via sockets on line %d\n", lineno);
ecpg_raise(lineno, ECPG_CONNECT, ECPG_SQLSTATE_SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, realname ? realname : ecpg_gettext(""));
connect_params++;
}
}
-
}
}
else
projects / postgresql.git / commitdiff