At 5:51p -0500 on 14 Nov 2007, A.M. wrote:
> On Nov 14, 2007, at 4:23 PM, Scott Marlowe wrote:
>
>> On Nov 14, 2007 2:40 PM, madhtr <[EMAIL PROTECTED]> wrote:
>>> Quick question, are there any native functions in PostgreSQL 8.1.4
>>> that will strip HTML tags, escape chars, etc?
>>
>> I can't thin
madhtr wrote:
> Quick question, are there any native functions in PostgreSQL 8.1.4 that
> will strip HTML tags, escape chars, etc?
Using an SQL function to circumvent SQL injections probably isn't the wisest
of ideas.
--
Peter Eisentraut
http://developer.postgresql.org/~petere/
---
Alvaro Herrera wrote:
> Martin Gainty wrote:
>> this is a very simple html tag strip routine
>> I don't understand what security you had in mind ..
>>
>> so I take it you're not a fan of dojo or GWT?
>
> Let's say the user disables javascript on the browser?
or more easily, an attacker can
On Nov 14, 2007 4:51 PM, A.M. <[EMAIL PROTECTED]> wrote:
>
>
> On Nov 14, 2007, at 4:23 PM, Scott Marlowe wrote:
>
> > On Nov 14, 2007 2:40 PM, madhtr <[EMAIL PROTECTED]> wrote:
> >> Quick question, are there any native functions in PostgreSQL 8.1.4
> >> that will
> >> strip HTML tags, escape chars
Martin Gainty wrote:
> this is a very simple html tag strip routine
> I don't understand what security you had in mind ..
>
> so I take it you're not a fan of dojo or GWT?
Let's say the user disables javascript on the browser?
--
Alvaro Herrera http://www.advogato.org/
>; "pgsql-general"
Sent: Wednesday, November 14, 2007 7:21 PM
Subject: Re: [GENERAL] stripping HTML, SQL injections ...
> Martin,
>
> 2000/11/15, Martin Gainty <[EMAIL PROTECTED]>:
> > Scott-
> >
> > In JavaScript
> >
http://www.java2s.com/Tutorial
Martin,
2000/11/15, Martin Gainty <[EMAIL PROTECTED]>:
> Scott-
>
> In JavaScript
> http://www.java2s.com/Tutorial/JavaScript/0520__Regular-Expressions/StripHTM
> L.htm
I don't remember what the consensus was back in 2000 (your mail's
timestamp), but in 2007 it's Not A Good Idea to rely on client
ber 14, 2007 6:16 PM
Subject: Re: [GENERAL] stripping HTML, SQL injections ...
> On Nov 14, 2007 4:51 PM, A.M. <[EMAIL PROTECTED]> wrote:
> >
> >
> > On Nov 14, 2007, at 4:23 PM, Scott Marlowe wrote:
> >
> > > On Nov 14, 2007 2:40 PM, madhtr <[EMAIL
On Nov 14, 2007, at 4:23 PM, Scott Marlowe wrote:
On Nov 14, 2007 2:40 PM, madhtr <[EMAIL PROTECTED]> wrote:
Quick question, are there any native functions in PostgreSQL 8.1.4
that will
strip HTML tags, escape chars, etc?
I can't think of a lot of native functions, but it's sure easy enoug
On Nov 14, 2007 2:40 PM, madhtr <[EMAIL PROTECTED]> wrote:
> Quick question, are there any native functions in PostgreSQL 8.1.4 that will
> strip HTML tags, escape chars, etc?
I can't think of a lot of native functions, but it's sure easy enough
to roll your own with things like the regex function
Quick question, are there any native functions in PostgreSQL 8.1.4 that will
strip HTML tags, escape chars, etc?
thanx:)