| From: | <operationsengineer1(at)yahoo(dot)com> |
|---|---|
| To: | Bruno Wolff III <bruno(at)wolff(dot)to> |
| Cc: | pgsql-novice(at)postgresql(dot)org |
| Subject: | Re: SQL safe input? |
| Date: | 2005-08-28 01:55:54 |
| Message-ID: | 20050828015554.37622.qmail@web33305.mail.mud.yahoo.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
--- Bruno Wolff III <bruno(at)wolff(dot)to> wrote:
> On Sat, Aug 27, 2005 at 16:22:51 -0700,
> operationsengineer1(at)yahoo(dot)com wrote:
> >
> > if bad data is submitted, is there something going
> on
> > "behind the scenes" to scrub the bad data and
> cause
> > the query to fail instead of run with the bad
> data?
> > how does the the system know the data is bad data?
>
> The type input routines will reject bad data. I
> wouldn't feel too safe about
> handling really large strings without a problem in
> all cases, but invalid
> syntax shouldn't cause anything but the transaction
> to abort.
hi Bruno,
Can you give us an idea of what a "really long string
is?" is it something i need to worry about in varchar
field where notes are entered?
if someone enters a string note like:
"test unit failed; os2; likely failure; where t=2"
will it fail b/c of the ";"s?
sorry for so many questions, but i didn't know
anythign about this until it came up in the mailing
list.
tia...
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruno Wolff III | 2005-08-28 02:47:55 | Re: SQL safe input? |
| Previous Message | Bruno Wolff III | 2005-08-27 23:54:13 | Re: SQL safe input? |