Skip site navigation (1) Skip section navigation (2)

Re: entrance from php to postgresql

From: DCarrero <dcarreroc(at)gmail(dot)com>
To: "John DeSoi" <desoi(at)pgedit(dot)com>
Cc: pgsql-php(at)postgresql(dot)org
Subject: Re: entrance from php to postgresql
Date: 2006-07-11 17:49:52
Message-ID: 5887d1f40607111049i545d7207u284ed61b5934b31d@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-php
2006/7/11, John DeSoi <desoi(at)pgedit(dot)com>:
>
> On Jul 11, 2006, at 1:23 PM, DCarrero wrote:
>
> > I was asking if this useful, or secure to do a transaction on web, or
> > you recomend use a function with parameters an inside this insert
> > data, thank for the information too...
>
> If you are inserting user entered data (especially from the web) I
> highly recommend you use prepared statements. This will deal with
> security issues related to SQL injection. I prefer to use functions,
> but it is not necessary. Here is a short article I wrote which you
> might find helpful in using prepared statements from PHP:
>
> http://pgedit.com/resource/php/pgfuncall

Thanks again :D

In response to

Responses

pgsql-php by date

Next:From: DCarreroDate: 2006-07-11 20:50:48
Subject: Re: entrance from php to postgresql
Previous:From: John DeSoiDate: 2006-07-11 17:44:06
Subject: Re: entrance from php to postgresql

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group