Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Header And Logo
|
Site Navigation
Re: Protection from SQL injection
- From: "Scott Marlowe" <scott(dot)marlowe(at)gmail(dot)com>
- To: "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
- Cc: "Thomas Kellerer" <spam_eater(at)gmx(dot)net>, pgsql-sql(at)postgresql(dot)org
- Subject: Re: Protection from SQL injection
- Date: Sat, 26 Apr 2008 23:24:59 -0600
- Message-id: <dcc563d10804262224l431f0ae3t6c75af94a1ef3876(at)mail(dot)gmail(dot)com>
On Sat, Apr 26, 2008 at 9:58 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote: > IIRC there was some discussion recently of providing a mode in which > the server would reject PQexec strings containing more than one query. > I didn't care for it much at the time, but I think it would provide > most of the benefit of these suggestions with far less compatibility > or performance hit. agreed. And I trust (SQL) code review more than tying the hands of the programmers. But I've always had the luxury of working with developers who liked me as a DBA and were willing to do things my way, as far as the DB was concerned anyway...
- Follow-Ups:
- Re: Protection from SQL injection
- From: Ivan Sergio Borgonovo
- Re: Protection from SQL injection
- References:
- Protection from SQL injection
- From: Thomas Mueller
- Re: Protection from SQL injection
- From: Thomas Kellerer
- Re: Protection from SQL injection
- From: Scott Marlowe
- Re: Protection from SQL injection
- From: Tom Lane
- Re: Protection from SQL injection
- From: Scott Marlowe
- Re: Protection from SQL injection
- From: Tom Lane
- Protection from SQL injection
- Prev by Date: Re: Protection from SQL injection
- Next by Date: Re: Protection from SQL injection
- Previous by thread: Re: Protection from SQL injection
- Next by thread: Re: Protection from SQL injection
- Indexes: