in reply to Re: Escaping SQL correctly
in thread Escaping SQL correctly

Don't you want to connect to a database and send the escaped SQL to it?

No.

I need to generate correctly-formed SQL statements to use in a report, which will then be reviewed by human eyes before entered in a database.

That quote method looks promising, but I'd still need a handle. Is there any way to construct one without actually creating a database connection?

Replies are listed 'Best First'.
Re^3: Escaping SQL correctly
by jZed (Prior) on Mar 08, 2006 at 01:52 UTC
    Well, as I mentioned you can connect to one of the Pg system tables if you have access to Pg at all. If you don't, you may actually be able to do something like this (note no DBI or connection): 
    use DBD::Pg;
my $foo = q{foo'bar'baz};
print DBD::Pg::db->quote($foo);
# prints 'foo''bar''bas'

    [download]
[reply]
[d/l]

      Thanks!

      I'll probably go with this solution, and if I can't get it to work I'll just install another copy of Postgres and use the template1 database and the quote method. I can write a wrapper that does the placeholder-style operation on my own, I think.

      Your help is much appreciated!

[reply]

In Section Seekers of Perl Wisdom