Re: Escaping strings for inclusion into SQL queries
| От | Bruce Momjian |
|---|---|
| Тема | Re: Escaping strings for inclusion into SQL queries |
| Дата | |
| Msg-id | 200108302243.f7UMhuP09937@candle.pha.pa.us обсуждение исходный текст |
| Ответ на | Re: Escaping strings for inclusion into SQL queries (Florian Weimer <Florian.Weimer@RUS.Uni-Stuttgart.DE>) |
| Список | pgsql-hackers |
> Florian Weimer <Florian.Weimer@rus.uni-stuttgart.de> writes: > > > We therefore suggest that a string escaping function is included in a > > future version of PostgreSQL and libpq. A sample implementation is > > provided below, along with documentation. > > We have now released a description of the problems which occur when a > string escaping function is not used: > > http://cert.uni-stuttgart.de/advisories/apache_auth.php > > What further steps are required to make the suggested patch part of > the official libpq library? Will be applied soon. I was waiting for comments before adding it to the patch queue. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania19026
В списке pgsql-hackers по дате отправления: