A NOTE has been added to this issue. ====================================================================== http://dbmail.org/mantis/view.php?id=702 ====================================================================== Reported By: Maarten Deprez Assigned To: ====================================================================== Project: DBMail Issue ID: 702 Category: Authentication layer Reproducibility: always Severity: minor Priority: normal Status: new target: ====================================================================== Date Submitted: 15-May-08 14:47 CEST Last Modified: 15-May-08 18:41 CEST ====================================================================== Summary: postgresql binary string quoting Description: Postgresql needs <E'...'> quoting for binary strings. Currently by default it accepts normal quoting with a warning, but the manual warns it will change in a future release. ======================================================================
---------------------------------------------------------------------- paul - 15-May-08 18:41 ---------------------------------------------------------------------- Maarten, As far as I understand the PG docs, whenever a string has been put through the PGescapeString or related calls, the string or bytea has indeed been made safe to include in a query string - even without the E'' construct. That is why I closed the earlier report. In the trunk this issue is moot anyway since there all insertions involving strings or binary data is done with prepared statements. Issue History Date Modified Username Field Change ====================================================================== 15-May-08 14:47 Maarten Deprez New Issue 15-May-08 14:47 Maarten Deprez File Added: quote.patch 15-May-08 18:41 paul Note Added: 0002553 ====================================================================== _______________________________________________ Dbmail-dev mailing list [email protected] http://twister.fastxs.net/mailman/listinfo/dbmail-dev
