So far, we have only used integers, so SQL injection or special table names were not an issue. Basically, the following functions are available:
- quote_literal: It returns a string quote as string literal
- quote_nullable: It quotes a string
- quote_ident: It quotes SQL identifiers (object names and so on)
- decode_bytea: It decodes a PostgreSQL byte array field
- encode_bytea: It encodes data and turns it into a byte array
- encode_literal_array: It encodes an array of literals
- encode_typed_literal: It converts a Perl variable to the value of the datatype passed as a second argument and returns a string representation of this value
- encode_array_constructor: It returns the contents of the referenced array as ...