Search Postgresql Archives

Re: SQL injection, php and queueing multiple statement

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Ivan Sergio Borgonovo <mail@xxxxxxxxxxxxxxx>
Subject: Re: SQL injection, php and queueing multiple statement
From: Tom Lane <tgl@xxxxxxxxxxxxx>
Date: Sat, 12 Apr 2008 12:39:38 -0400
Cc: pgsql-general@xxxxxxxxxxxxxx
Comments: In-reply-to Ivan Sergio Borgonovo <mail@xxxxxxxxxxxxxxx> message dated "Sat, 12 Apr 2008 18:20:36 +0200"
In-reply-to: <20080412182036.7600ccab@xxxxxxxxxxxxxxx>

Ivan Sergio Borgonovo <mail@xxxxxxxxxxxxxxx> writes:
> I may sound naive but having a way to protect the DB from this kind
> of injections looks as a common problem, I'd thought there was
> already a common solution.

Use prepared statements.

			regards, tom lane

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Follow-Ups:
- Re: SQL injection, php and queueing multiple statement
  - From: Ivan Sergio Borgonovo

References:
- SQL injection, php and queueing multiple statement
  - From: Ivan Sergio Borgonovo
- Re: SQL injection, php and queueing multiple statement
  - From: Adam Rich
- Re: SQL injection, php and queueing multiple statement
  - From: Ivan Sergio Borgonovo
- Re: SQL injection, php and queueing multiple statement
  - From: Jonathan Bond-Caron
- Re: SQL injection, php and queueing multiple statement
  - From: Ivan Sergio Borgonovo

Prev by Date: Re: PostgreSQL Processes on a linux box
Next by Date: Re: Postgres on shared network drive
Previous by thread: Re: SQL injection, php and queueing multiple statement
Next by thread: Re: SQL injection, php and queueing multiple statement
Index(es):
- Date
- Thread

[Index of Archives] [Postgresql Jobs] [Postgresql Admin] [Postgresql Performance] [Linux Clusters] [PHP Home] [PHP on Windows] [Kernel Newbies] [PHP Classes] [PHP Books] [PHP Databases] [Postgresql & PHP] [Yosemite]

Powered by Linux