> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> Christopher Kings-Lynne
> Sent: 31 May 2006 04:16
> To: Tom Lane
> Cc: Hackers
> Subject: Re: [HACKERS] PQescapeIdentifier
>
> > Christopher Kings-Lynne <[EMAIL PROTECTED]> writes:
> >> Here's a question. I wish to add a function to libpq to escape
> >> PostgreSQL identifiers. Will this function be subject to the same
> >> security/encoding issues as PQescapeString?
> >
> > Is this of any general-purpose use? How many apps are
> really prepared
> > to let an untrusted user dictate which columns are
> selected/compared?
>
> phpPgAdmin has use for it, I assume pgAdmin would as well.
Yes, it would.
Regards, Dave.
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly
