Thanks for your help. It is working. Best Regards, On Wed, Dec 21, 2011 at 9:04 PM, Bill Moran <wmoran@xxxxxxxxxxxxxxxxx> wrote: > In response to Andre Lopes <lopes80andre@xxxxxxxxx>: > >> Hi, >> >> I need to escape quotes on an insert into that have a quote like this: >> >> http://host.com/cond'nast >> >> How can I escape " ' " on an insert into? > > It depends: > > The best way is to pass the string as a parametrized query, then you don't > have to escape anything. > > The second best way is to use the string escape function for whatever > language your programming in. > > If you don't have either of those available, you should reconsider your > choice of language/client library, as writing your own escape functions is > bad news. > > If you're forced to write the raw SQL statements for some reason, you > escape ' with a second ', so: > INSERT INTO tablename (colname) VALUES ('http://host.com/cond''nast'); > > -- > Bill Moran > http://www.potentialtech.com > http://people.collaborativefusion.com/~wmoran/ > > -- > Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-general -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
