From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
---|---|
To: | operationsengineer1(at)yahoo(dot)com |
Cc: | pgsql-novice(at)postgresql(dot)org |
Subject: | Re: SQL safe input? |
Date: | 2005-08-28 02:47:55 |
Message-ID: | 20050828024755.GA19328@wolff.to |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-novice |
On Sat, Aug 27, 2005 at 18:55:54 -0700,
operationsengineer1(at)yahoo(dot)com wrote:
> --- Bruno Wolff III <bruno(at)wolff(dot)to> wrote:
>
>
> Can you give us an idea of what a "really long string
> is?" is it something i need to worry about in varchar
> field where notes are entered?
>
> if someone enters a string note like:
>
> "test unit failed; os2; likely failure; where t=2"
>
> will it fail b/c of the ";"s?
That wouldn't be a problem. If someone entered one that was gigabytes in
size it may be a problem in terms of flushing your memory of useful things
and slow performance down. If there is a bug, a few kilobytes could cause
a problem. If you know the data can't be more than a few 10s of bytes
you probably want to not process ones much larger as it is probably
someone trying to mess with you.
From | Date | Subject | |
---|---|---|---|
Next Message | Flávio Brito | 2005-08-28 11:47:11 | see all queries incoming |
Previous Message | operationsengineer1 | 2005-08-28 01:55:54 | Re: SQL safe input? |