On Nov 14, 2007, at 4:23 PM, Scott Marlowe wrote:
On Nov 14, 2007 2:40 PM, madhtr <madhtr@xxxxxxxxx> wrote:
Quick question, are there any native functions in PostGreSQL 8.1.4
that will
strip HTML tags, escape chars, etc?
I can't think of a lot of native functions, but it's sure easy enough
to roll your own with things like the regex functionality built in.
Please don't do that- there are corner cases where a naive regex can
fail, leaving the programmer thinking he is covered when he is not.
The variety of web languages include filtering modules
(HTML::Scrubber)- in the case of Perl or PHP, it can even be run
server-side.
Furthermore, one shouldn't use an API which allows for SQL injections.
Cheers,
M
---------------------------(end of broadcast)---------------------------
TIP 5: don't forget to increase your free space map settings
