't want the
error clogging up my logs. But I don't want to suppress the
error as the query is business-critical and I need to know
if anything goes wrong.
I'd welcome suggestions as to how I can get this query to
run without throwing a date/time error when the result set
ple of
hours of agony, I suspect.
------
Geoff Caplan
Vario Software Ltd
(+44) 121-515 1154
---(end of broadcast)---
TIP 4: Don't 'kill -9' the postmaster
2337
etc...
Any pointers would be much appreciated!
------
Geoff Caplan
Vario Software Ltd
(+44) 121-515 1154
---(end of broadcast)---
TIP 6: Have you searched our list archives?
http://archives.postgresql.org
e the sequence to cache some
>>> number of entries so that they are pre-allocated and stored in memory
>>> for each session (e.g. - for each connection) for quicker access. See
>>> the documentation for "create sequence" for more details.
ecord-set?
There will probably be 6-8 SELECTs & UPDATEs for each INSERT.
I appreciate that I could set up some tests, but I am under the hammer
time-wise. Some rule-of-thumb advice from the list would be most
welcome.
------
Geoff Caplan
Vario Software Ltd
(+44) 121
Tom,
Belated thanks for the info (I've been away from my desk).
Very helpful.
------
Geoff Caplan
Vario Software Ltd
(+44) 121-515 1154
---(end of broadcast)---
TIP 7: don't forget to increase your free space map settings
n PHP, Tcl etc?
For example, with SQL Server, it appears you can slip in a
single-quote using encodings that are cast to ASCII #39 by the server.
Also, what about pg functions like convert()? Could they be used to
smuggle in a breakout character?
Looked at like this, perhaps robust escaping is
omatically)
Are you saying that "@bar" is part of the Postgres query syntax? If it
is, I can't find it in the 7.4 docs. What do you mean by "the
parameterised formats"? I would appreciate a clarification and the URL
of the relevant documentation.
Thanks
-
s easier to adopt a
particular style of programming ("any query using untrusted data MUST
be a parameterised prepared statement") than to analyse each and every
untrusted parameter for attack signatures? Or am I missing something
here?
--
Geoff Caplan
Vario Software
(+44) 1
ww.net-security.org/article.php?id=571
But so far as I can see, Peter's suggestion should provide a workable
robust solution. So thanks again!
--
Geoff Caplan
Vario Software Ltd
(+44) 121-515 1154
---(end of broadcast)---
T
ness of moving the queries into
the database against SQL injection attack would seem to depend on the
query engine internals. Will using the SQL functions provide the
robust protection I am looking for?
--
Geoff Caplan
Vario Software Ltd
(+44) 121-515 1154
-
top quality docs require specific skills and
resources which it is perhaps unreasonable to expect from an open source
project. It will probably take a commercial effort from GreatBridge or a
book to improve things. GreatBridge have made a start. I hope they continue
to test and develop their docs
running, but pg_ctl can't find it
- postmaster has started with the default datapath and is ignoring
$PGDATA
I get the same result if I launch automatically during startup.
Can anyone please help me make some sense of this? I am losing the
will to live...
Geoff C
ration file,
and it shows up ok if I "echo $PGDATA" in the shell. But none of the
postgres utilities such as "initdb" seem to be able to find it.
What don't I understand? I have already checked the docs/GreatBridge
manual/faqs/archive, so I would very much appreciate some help.
Geoff Caplan
---(end of broadcast)---
TIP 4: Don't 'kill -9' the postmaster
ut problems.
- I re-intalled phpPgAdmin from scratch.
So, advice would be very welcome - it's a great app and I am missing
it!
Geoff Caplan
Caplan Associates
PS I did post this to the phpPgAdmin specialist list but without
reply. Sorry for the cross posting, but I am very keen to get this
fixe
ut problems.
- I re-intalled phpPgAdmin from scratch.
So, advice would be very welcome - it's a great app and I am missing
it!
Geoff Caplan
Caplan Associates
PS I did post this to the phpPgAdmin specialist list but without
reply. Sorry for the cross posting, but I am very keen to get this
fixe
16 matches
Mail list logo