| From: | pepone(dot)onrez <pepone(dot)onrez(at)gmail(dot)com> |
|---|---|
| To: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Best practices for protect applications agains Sql injection. |
| Date: | 2008-01-23 22:53:27 |
| Message-ID: | 198501d60801231453hd42fb74o9f191a2ec031e28@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Thanks all you, i will use prepared queries for all my functions after now.
BTW i using Qt-4 postgres drivers from c++ not php. I launch this question
because i read that each day more are more applications are compromised with
this class of attacks.
Thanks again.
On Jan 23, 2008 9:45 PM, brian <brian(at)zijn-digital(dot)com> wrote:
> pepone.onrez wrote:
> > Hi all
> >
> > I interesting in the protect my applications that use postgresql as is
> > database backend from Sql Injections attacks, can any recommend me best
> > pratices or references to protected postgres from this kind of malicious
> > users.
> >
>
> What are you using on the application side? For instance, with PHP, you
> might want to look into the PEAR MDB2 package (specifically, the
> prepared statements).
>
> brian
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: don't forget to increase your free space map settings
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Hart | 2008-01-23 22:53:56 | Re: ascii to utf-8 |
| Previous Message | Tom Hart | 2008-01-23 22:08:35 | Re: ascii to utf-8 |