Re: child/parent creation
| От | Justin Graf |
|---|---|
| Тема | Re: child/parent creation |
| Дата | |
| Msg-id | 4C017A48.1020303@magwerks.com обсуждение исходный текст |
| Ответ на | child/parent creation (Dennis Gearon <gearond@sbcglobal.net>) |
| Список | pgsql-general |
On 5/29/2010 1:05 PM, Dennis Gearon wrote: > Is it possible to create a complex schema object in one transaction, I'm not sure i understand what you mean by schema object???? > using prepared statements to protect(somewaht) against SQL injection? > In short no Prepared statements do not protect from SQL injection. Prepared statements are used to skip the planning stage of the query. There are really only two ways to block SQL injection parameterized queries or check/remove command characters from the query sent to the DB > Example: A 'family tree object' (having obvious relationships) consisting of: > > Table grandparent > Table parent > table childA > table childB > > If I have all the information for each 'sub-object' in the 'family tree object', but of course, the primary, integer, sequencekeys. > > So, using a script language, the procedure I'm doing now is creating one node, getting the id with another query (becauseof a (reported and actual) bug in the Doctrine ORM), and then creating the next level down. > > My application has nothing to do with family trees, actually, just an example. > > > each of the (relevant) primary keys is a BIGSERIL, sequence backed, BIGINT. > > I do not understand what you are trying to do here, please clarify???? All legitimate Magwerks Corporation quotations are sent in a .PDF file attachment with a unique ID number generated by ourproprietary quotation system. Quotations received via any other form of communication will not be honored. CONFIDENTIALITY NOTICE: This e-mail, including attachments, may contain legally privileged, confidential or other informationproprietary to Magwerks Corporation and is intended solely for the use of the individual to whom it addresses.If the reader of this e-mail is not the intended recipient or authorized agent, the reader is hereby notified thatany unauthorized viewing, dissemination, distribution or copying of this e-mail is strictly prohibited. If you have receivedthis e-mail in error, please notify the sender by replying to this message and destroy all occurrences of this e-mailimmediately. Thank you.
Вложения
В списке pgsql-general по дате отправления: