| From: | "Dave Cramer" <Dave(at)micro-automation(dot)net> |
|---|---|
| To: | <tomcat(at)meinsenf(dot)at>, <pgsql-jdbc(at)postgresql(dot)org> |
| Subject: | Re: missing quote_string - function |
| Date: | 2001-11-08 00:29:27 |
| Message-ID: | 00ad01c167ec$6d45d380$c201a8c0@inspiron |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
Hmmmm....
That's an interesting problem I will have to check to see if we are
vulnerable to that example
On the upside, if you use a prepared statement you won't have to do
anything, the string will be quoted for you
Dave
-----Original Message-----
From: pgsql-jdbc-owner(at)postgresql(dot)org
[mailto:pgsql-jdbc-owner(at)postgresql(dot)org] On Behalf Of tomcat(at)meinsenf(dot)at
Sent: November 7, 2001 6:31 PM
To: pgsql-jdbc(at)postgresql(dot)org
Subject: [JDBC] missing quote_string - function
Hi,
I'm new to postgresql (used MySQL before)!
I'm looking for a function to quote a query-string!
There's a function in MySQL (eg in PHP:
http://www.php.net/manual/en/function.mysql-escape-string.php) - is
there
nothing in postgresql's JDBC???
thanks
michi
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Barry Lind | 2001-11-08 04:26:49 | Re: MD5-based passwords |
| Previous Message | tomcat | 2001-11-07 23:30:41 | missing quote_string - function |