Re: [SQL] Storing encrypted data?
On Mon, Jul 17, 2006 at 02:05:32PM +0800, John Tregea wrote: > Thanks for your advice. I was looking at the bytea data type in the > PostgreSQL book I bought (Korry and Susan Douglas, second edition). I > was concerned that if I have to escape certain characters like the > single quote or the backslash, how do I guarantee that the escaped > version does not already appear in the encrypted string? > > Should I use the octal value to escape the single quote (\047) and > backslash (\\134)? Yes, you'll need to escape certain characters like backslashes. Your client API might provide an escaping function so you don't have to worry about the details, or, if you're using placeholders, the API might automatically escape binary data or transfer it to the backend as binary. What client interface will you be using to insert this data? > Those character sequences are extremely unlikely to occur in an > encrypted string. They're as likely to occur as any other. A desirable property of a cipher is that its output should be indistinguishable from random data, so any character or sequence of characters is equally likely to occur. > Also... I note that I cannot change the data type of my field from text > to bytea (I am using PGADMIN III). Do you know why? I don't use pgAdmin so I don't know what it can or can't do. Have you tried it in psql? What version of PostgreSQL are you using? The ability to alter a column's type was added in 8.0; in previous versions you can use the method shown in the FAQ: http://www.postgresql.org/docs/faqs.FAQ.html#item4.3 -- Michael Fuhr ---(end of broadcast)--- TIP 3: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faq
Re: [SQL] Storing encrypted data?
On 7/17/06, John Tregea <[EMAIL PROTECTED]> wrote: Hi Michael,Thanks for your advice. I was looking at the bytea data type in thePostgreSQL book I bought (Korry and Susan Douglas, second edition). Iwas concerned that if I have to escape certain characters like the single quote or the backslash, how do I guarantee that the escapedversion does not already appear in the encrypted string?Should I use the octal value to escape the single quote (\047) andbackslash (\\134)? Those character sequences are extremely unlikely to occur in anencrypted string.Is the the right approach ?Also... I note that I cannot change the data type of my field from textto bytea (I am using PGADMIN III). Do you know why? When I have data like this, I do a Base64 encoding. The string ends up longer but I no longer have to worry about special characters mucking things up.== Aaron Bono Aranya Software Technologies, Inc. http://www.aranya.com==
[SQL] hi let me know the solution to this question
Hi good morning all…….. Can u let me know if at all any system defined variable exists to check whether insert , update , and delete is successfully executed in a stored procedure…….. So that I can perform some steps based on the result of execution if possible please send me the sample code… Thanks & Regards Penchal reddy | Software Engineer Infinite Computer Solutions | Exciting Times…Infinite Possibilities... SEI-CMMI level 5 | ISO 9001:2000 IT SERVICES | BPO Telecom | Finance | Healthcare | Manufacturing | Energy & Utilities | Retail & Distribution | Government Tel +91-80-5193-(Ext:503)| Fax +91-80-51930009 | Cell No +91-9980012376|www.infics.com Information transmitted by this e-mail is proprietary to Infinite Computer Solutions and/ or its Customers and is intended for use only by the individual or entity to which it is addressed, and may contain information that is privileged, confidential or exempt from disclosure under applicable law. If you are not the intended recipient or it appears that this mail has been forwarded to you without proper authority, you are notified that any use or dissemination of this information in any manner is strictly prohibited. In such cases, please notify us immediately at [EMAIL PROTECTED] and delete this mail from your records. Information transmitted by this e-mail is proprietary to Infinite Computer Solutions and / or its Customers and is intended for use only by the individual or the entity to which it is addressed, and may contain information that is privileged, confidential or exempt from disclosure under applicable law. If you are not the intended recipient or it appears that this mail has been forwarded to you without proper authority, you are notified that any use or dissemination of this information in any manner is strictly prohibited. In such cases, please notify us immediately at [EMAIL PROTECTED] and delete this email from your records.
Re: [SQL] hi let me know the solution to this question
On Tue, Jul 18, 2006 at 10:46:29AM +0530, Penchalaiah P. wrote: > Can u let me know if at all any system defined variable exists to check > whether insert , update , and delete is successfully executed in a > stored procedure > > So that I can perform some steps based on the result of execution if > possible please send me the sample code... Depending on what you mean by "successfully executed," see "Obtaining the Result Status" or "Trapping Errors" in the PL/pgSQL documentation (error trapping is available in 8.0 and later). http://www.postgresql.org/docs/8.1/interactive/plpgsql-statements.html#PLPGSQL-STATEMENTS-DIAGNOSTICS http://www.postgresql.org/docs/8.1/interactive/plpgsql-control-structures.html#PLPGSQL-ERROR-TRAPPING -- Michael Fuhr ---(end of broadcast)--- TIP 9: In versions below 8.0, the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
