Quick Links

Re: SQL safe input?

From:	Philip Hallstrom <postgresql(at)philip(dot)pjkh(dot)com>
To:	cbraden <cbraden(at)douglasknight(dot)com>
Cc:	pgsql-novice(at)postgresql(dot)org
Subject:	Re: SQL safe input?
Date:	2005-08-26 20:57:26
Message-ID:	20050826135636.T20018@wolf.pjkh.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-novice

> cbraden <cbraden(at)douglasknight(dot)com> wrote:
>> Folks,
>>
>> I would like to know how to prevent SQL attacks on a postgreSQL server.
>>
>> I know in mySQL you can put any input going to the DB through a filter
>> which encodes anything which would be malicious into mySQL safe data. I
>> need something similar in postgreSQL. Specifically as a php
>> implementation if it exists.

http://us2.php.net/manual/en/function.pg-escape-string.php

-philip

In response to

Re: SQL safe input? at 2005-08-26 20:44:15 from Bruno Wolff III

Responses

Prepare() Value at 2005-08-26 22:53:15 from operationsengineer1

Browse pgsql-novice by date

	From	Date	Subject
Next Message	operationsengineer1	2005-08-26 21:32:07	Re: SQL "OR" Problem
Previous Message	Bruno Wolff III	2005-08-26 20:44:15	Re: SQL safe input?