- linkend="datatype-binary"> for more information.
+ Certain byte values must be escaped (but all
+ byte values can be escaped) when used as part
+ of a
bytea literal in an
SQL+ statement. In general, to escape a byte, it is converted into the
+ three digit octal number equal to the octet value, and preceded by
+ usually two backslashes. The single quote (') and backslash
+ (\) characters have special alternative escape
+ sequences. See for more
+ information. PQescapeByteaConn performs this
+ operation, escaping only the minimally required bytes.
The only difference from PQescapeByteaConn is that
PQescapeBytea does not take a PGconn
- parameter. Because of this, PQescapeBytea can
- only be used safely in client programs that use a single
-
PostgreSQL connection at a time (in this case- it can find out what it needs to know behind the
- scenes). It might give the wrong results if
- used in programs that use multiple database connections (use
- PQescapeByteaConn in such cases).
+ parameter. Because of this, it cannot adjust its behavior
+ depending on the connection properties (in particular, whether
+ standard-conforming strings are enabled) and therefore
+ it might give the wrong results. Also, it has no
+ way to return an error message on failure.
+
+
+ PQescapeBytea can be used safely in single-threaded
+ client programs that work with only one
PostgreSQL+ connection at a time (in this case it can find out what it needs
+ to know behind the scenes). In other contexts it is
+ a security hazard and should be avoided in favor of
+ PQescapeByteaConn.
projects / postgresql.git / commitdiff