Add escape_identifier() and escape_literal(). #702
Conversation
| /// If input contains backslashes, result will be of the form ` | ||
| /// E'...'` so it is safe to use regardless of the setting of | ||
| /// standard_conforming_strings. | ||
| pub fn escape_literal(input: &str) -> String { |
There was a problem hiding this comment.
Can we have these return a Cow<str> so the no escaping needed case doesn't need to reallocate?
There was a problem hiding this comment.
escape_literal() follows the semantics of PQescapeLiteral(), which always allocates because the result must be surrounded by quote marks. This is different from PQescapeStringConn() which has some messy history that I don't think we need to follow because we should be using parameters most of the time anyway. In those cases where we still need it (like utility commands or replication commands), either form will suffice.
We could potentially optimize escape_identifier(), but it would deviate from libpq. I don't see this as likely to be a hot path, so the trade-off doesn't seem great to me.
There was a problem hiding this comment.
Ah yeah I missed that quotes were always added. The behavior here makes sense in that case.
Fix #575
These functions are generally useful, but also useful specifically for PR #696 which needs to include arbitrary identifiers in a SQL string.