Stuart McGraw wrote:
What is the best way to run an arbitrary query received from an untrusted source, safely?(I want a web page form with a textbox that a user can enter an arbitrary sql statement, then run it .....
just keep http://xkcd.com/327/ in mind. -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
