Skip site navigation (1) Skip section navigation (2)

Re: SQL safe input?

From: Philip Hallstrom <postgresql(at)philip(dot)pjkh(dot)com>
To: cbraden <cbraden(at)douglasknight(dot)com>
Cc: pgsql-novice(at)postgresql(dot)org
Subject: Re: SQL safe input?
Date: 2005-08-26 20:57:26
Message-ID: 20050826135636.T20018@wolf.pjkh.com (view raw or flat)
Thread:
Lists: pgsql-novice
>  cbraden <cbraden(at)douglasknight(dot)com> wrote:
>> Folks,
>>
>> I would like to know how to prevent SQL attacks on a postgreSQL server.
>>
>> I know in mySQL you can put any input going to the DB through a filter
>> which encodes anything which would be malicious into mySQL safe data.  I
>> need something similar in postgreSQL.  Specifically as a php
>> implementation if it exists.

http://us2.php.net/manual/en/function.pg-escape-string.php

-philip

In response to

Responses

pgsql-novice by date

Next:From: operationsengineer1Date: 2005-08-26 21:32:07
Subject: Re: SQL "OR" Problem
Previous:From: Bruno Wolff IIIDate: 2005-08-26 20:44:15
Subject: Re: SQL safe input?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group