On Fri, May 20, 2005 at 08:40:26 +0200, "BARTKO, Zoltán" <bartko.zoltan@xxxxxxxx> wrote: > Hello folks, > > Problem: > > I would need some help with the system I am working on. It is an > information system built on PgSQL 8 and after searching all over the > net I found no function I could use to determine where the request to > the DB (select...) came from. I need it to prevent using fake user ID > numbers. The 8.1 TODO indicates such information will be saved. I don't know if there will be a predfined function to retrieve the information, but if not you will be able to write your own in C. > Premises: > > All clients connect to the server via a single DB user. The users do > not know the passwords of each other, but they may know each other's > ID numbers. Any action in the system is carried out via access > functions implemented as stored procedures on the DB and the tables > are only accessible to select data, nothing more. My suggestion would be to have everyone use their own username. You are effectively maintaining this information anyway, so I wouldn't expect it to be much harder to maintain normal postgres users instead of or in addition to your current ids. ---------------------------(end of broadcast)--------------------------- TIP 8: explain analyze is your friend
