In response to Andre Lopes <lopes80andre@xxxxxxxxx>: > Hi, > > I need to escape quotes on an insert into that have a quote like this: > > http://host.com/cond'nast > > How can I escape " ' " on an insert into? It depends: The best way is to pass the string as a parametrized query, then you don't have to escape anything. The second best way is to use the string escape function for whatever language your programming in. If you don't have either of those available, you should reconsider your choice of language/client library, as writing your own escape functions is bad news. If you're forced to write the raw SQL statements for some reason, you escape ' with a second ', so: INSERT INTO tablename (colname) VALUES ('http://host.com/cond''nast'); -- Bill Moran http://www.potentialtech.com http://people.collaborativefusion.com/~wmoran/ -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
