Utility Functions
pg.escapeIdentifier
Escapes a string as a SQL identifier.
const { escapeIdentifier } = require('pg')
const escapedIdentifier = escapeIdentifier('FooIdentifier')
console.log(escapedIdentifier) // '"FooIdentifier"'⚠️
Note: When using an identifier that is the result of this function in an operation like CREATE TABLE ${escapedIdentifier(identifier)}, the table that is created will be CASE SENSITIVE. If you use any capital letters in the escaped identifier, you must always refer to the created table like SELECT * from "MyCaseSensitiveTable"; queries like SELECT * FROM MyCaseSensitiveTable will result in a "Non-existent table" error since case information is stripped from the query.
pg.escapeLiteral
⚠️
Note: Instead of manually escaping SQL literals, it is recommended to use parameterized queries. Refer to parameterized queries and the client.query API for more information.
Escapes a string as a SQL literal.
const { escapeLiteral } = require('pg')
const escapedLiteral = escapeLiteral("hello 'world'")
console.log(escapedLiteral) // "'hello ''world'''"