Peter Eisentraut wrote:
> Tom Lane wrote:
> > plpgsql does not consider standard_conforming_strings --- it still uses
> > backslash escaping in its function bodies regardless. Since the
> > language itself is not standardized, I see no particular reason that
> > standard_conforming_strings should govern it.
>
> I think plpgsql should behave either consistently with the rest of PostgreSQL
> or with Oracle, which it is copied from.
>
> > I believe the reason for
> > not changing it was that it seemed too likely to break existing
> > functions, with potentially nasty consequences if they chanced to be
> > security definers.
>
> Is this actually true or did we just forget it? :-)
I have added this TODO item:
Consider honoring standard_conforming_strings in PL/pgSQL function
bodies
* http://archives.postgresql.org/pgsql-bugs/2008-03/msg00102.php
Are we every going to enable standard_conforming_strings by default? If
not, I will remove the TODO item mentiong this.
standard_conforming_strings was added in Postgres 8.1, and
escape_string_warning was enabled in 8.2.
I think the big issue is that having standard_conforming_strings affect
function behavior introduces the same problems we have had in the past
of having a GUC affect function behavior.
--
Bruce Momjian <br...@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
