> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Christopher Kings-Lynne > Sent: 31 May 2006 04:16 > To: Tom Lane > Cc: Hackers > Subject: Re: [HACKERS] PQescapeIdentifier > > > Christopher Kings-Lynne <[EMAIL PROTECTED]> writes: > >> Here's a question. I wish to add a function to libpq to escape > >> PostgreSQL identifiers. Will this function be subject to the same > >> security/encoding issues as PQescapeString? > > > > Is this of any general-purpose use? How many apps are > really prepared > > to let an untrusted user dictate which columns are > selected/compared? > > phpPgAdmin has use for it, I assume pgAdmin would as well.
Yes, it would. Regards, Dave. ---------------------------(end of broadcast)--------------------------- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly