Re: [GENERAL] Postgres C functions documentation

2004-07-25 Thread Stephane Bortzmeyer
On Fri, Jul 16, 2004 at 10:03:56AM +0200, Najib Abi Fadel [EMAIL PROTECTED] wrote a message of 37 lines which said: Is there any documentation explaining the C functions (syntax) used in postgres.h library ?? http://www.postgresql.org/docs/7.4/static/libpq.html

Re: [GENERAL] Horology stats tests fail in 7.4.3/RH 9

2004-07-25 Thread Chuck Bearden
On Mon, Jul 19, 2004 at 12:33:40AM -0400, Tom Lane wrote: Chuck Bearden [EMAIL PROTECTED] writes: I am building from a freshly downloaded tar.gz of 7.4.3. The machine is a 4CPU Dell with an unsupported RH 9 install. When I ran the regression tests, two failed: horology and stats. I'll

[GENERAL] locale-specific sort algorithms undocumented?

2004-07-25 Thread John Gunther
In the course of creating a new PG 7.4.3 server, I chose UTF-8 as my locale. I now find that sorting is very different with that setting: It appears, through trial and error, that all non-alphanumeric characters are completely ignored by ORDER BY. Thus, traditional tricks like prefixing a name

[GENERAL] help dealing with pghoster, who is gone with my data

2004-07-25 Thread Matt Wong
Hello, I know this is a bit late, but can anyone please help!!??? Does anyone at all have any idea how I might be able to get back some of my data from the website that was hosted at pghoster before they vanished? (I know, I should have backed up more often, but I unfortunately started to get

Re: [GENERAL] Sql injection attacks

2004-07-25 Thread Peter Eisentraut
Geoff Caplan wrote: I'm new to Postgres and trying to get up to speed on the security issues. There seems to be remarkably little Postgres specific stuff on preventing SQL injection attacks. If you use prepared statements (the details of which vary by programming language), you should be

Re: [GENERAL] Sql injection attacks

2004-07-25 Thread Bill Moran
Geoff Caplan [EMAIL PROTECTED] wrote: Hi folks, I'm new to Postgres and trying to get up to speed on the security issues. There seems to be remarkably little Postgres specific stuff on preventing SQL injection attacks. Most of the online literature is on MS SQL Server. There, the

Re: [GENERAL] constraitnt on case sensetive and case insensetive columns

2004-07-25 Thread Gaetano Mendola
A Bruce wrote: | hello, | | I am attempting to convert an oracle database to postgresql and I am having | some problems creating a constraint across multiple columns which are a | mixture of case insensitive and case sensitive. | | The original oracle

Re: [GENERAL] locale-specific sort algorithms undocumented?

2004-07-25 Thread Stephan Szabo
On Tue, 20 Jul 2004, John Gunther wrote: In the course of creating a new PG 7.4.3 server, I chose UTF-8 as my locale. I now find that sorting is very different with that setting: It As a note, UTF-8 is not a locale. My guess is that you are actually using something like en_XX.UTF-8 (for some

Re: [GENERAL] Sql injection attacks

2004-07-25 Thread Geoff Caplan
Hi folks, Peter Eisentraut wrote: PE If you use prepared statements (the details of which vary by PE programming language), you should be quite safe. Peter - thanks for the suggestion. You are right: a poorly designed function might simply concatenate the injected code - I hadn't really

Re: [GENERAL] locale-specific sort algorithms undocumented?

2004-07-25 Thread Tom Lane
John Gunther [EMAIL PROTECTED] writes: In the course of creating a new PG 7.4.3 server, I chose UTF-8 as my locale. UTF-8 is a character set encoding, not a locale. I suspect you may have chosen en_US or something like that as your locale. I now find that sorting is very different with that

Re: [GENERAL] Sql injection attacks

2004-07-25 Thread Bill Moran
Geoff Caplan [EMAIL PROTECTED] wrote: BM To protect yourself from SQL injections, just pass all your data through BM PQescapeString() I'm no expert, but the papers I have been reading suggest that the usual hygiene advice such as don't display DB error messages and escape unsafe strings

Re: [GENERAL] Sql injection attacks

2004-07-25 Thread Jim Seymour
Bill Moran [EMAIL PROTECTED] wrote: [snip] Simply put: 1) If the untrusted value is a string, using a proper escape sequence should make it safe. 2) If the untrusted value is not a string, then it should be tested for proper value (i.e. if it should be a number, it should be ensured