Re: SQL safe input?

--- Bruno Wolff III <bruno@wolff.to> wrote:

> On Sat, Aug 27, 2005 at 16:22:51 -0700,
>   operationsengineer1@yahoo.com wrote:
> >
> > if bad data is submitted, is there something going
> on
> > "behind the scenes" to scrub the bad data and
> cause
> > the query to fail instead of run with the bad
> data?
> > how does the the system know the data is bad data?
>
> The type input routines will reject bad data. I
> wouldn't feel too safe about
> handling really large strings without a problem in
> all cases, but invalid
> syntax shouldn't cause anything but the transaction
> to abort.

hi Bruno,

Can you give us an idea of what a "really long string
is?"  is it something i need to worry about in varchar
field where notes are entered?

if someone enters a string note like:

"test unit failed; os2; likely failure; where t=2"

will it fail b/c of the ";"s?

sorry for so many questions, but i didn't know
anythign about this until it came up in the mailing
list.

tia...


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com