Re: SQL safe input?
| От | Bruno Wolff III |
|---|---|
| Тема | Re: SQL safe input? |
| Дата | |
| Msg-id | 20050828024755.GA19328@wolff.to обсуждение исходный текст |
| Ответ на | Re: SQL safe input? (<operationsengineer1@yahoo.com>) |
| Список | pgsql-novice |
On Sat, Aug 27, 2005 at 18:55:54 -0700, operationsengineer1@yahoo.com wrote: > --- Bruno Wolff III <bruno@wolff.to> wrote: > > > Can you give us an idea of what a "really long string > is?" is it something i need to worry about in varchar > field where notes are entered? > > if someone enters a string note like: > > "test unit failed; os2; likely failure; where t=2" > > will it fail b/c of the ";"s? That wouldn't be a problem. If someone entered one that was gigabytes in size it may be a problem in terms of flushing your memory of useful things and slow performance down. If there is a bug, a few kilobytes could cause a problem. If you know the data can't be more than a few 10s of bytes you probably want to not process ones much larger as it is probably someone trying to mess with you.
В списке pgsql-novice по дате отправления: