Christopher Kings-Lynne <chris(dot)kings-lynne(at)calorieking(dot)com> writes:
> Here's a question. I wish to add a function to libpq to escape
> PostgreSQL identifiers. Will this function be subject to the same
> security/encoding issues as PQescapeString?
Is this of any general-purpose use? How many apps are really prepared
to let an untrusted user dictate which columns are selected/compared?
But to answer your question, yes, I can certainly imagine
regards, tom lane
In response to
pgsql-hackers by date
|Next:||From: Christopher Kings-Lynne||Date: 2006-05-31 03:15:58|
|Subject: Re: PQescapeIdentifier|
|Previous:||From: Christopher Kings-Lynne||Date: 2006-05-31 02:50:24|