Hello 2010/5/30 Dennis Gearon <gearond@xxxxxxxxxxxxx>: > I'm trying to build a way to bulk load from a script to a Dbase, postgres. > > Using single, parameterized statements is a pretty good defense against SQL injection, so I use Symfony as the main user input. > > But for this bulk loading, it's tooooooo slow. Maybe you have enabled autocomit - then it can be very very slow. > > If I build a text based, COPY file for bulk purposes, to be input via the command line, is Postgres vulnerable to SQL injection from that? SQL database cannot be injected via NON SQL statemenst like COPY. Regards Pavel Stehule > > > Dennis Gearon > > Signature Warning > ---------------- > EARTH has a Right To Life, > otherwise we all die. > > Read 'Hot, Flat, and Crowded' > Laugh at http://www.yert.com/film.php > > -- > Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-general > -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
