On Aug 26, 2005, at 2:53 PM, cbraden wrote:
> Folks,
>
> I would like to know how to prevent SQL attacks on a postgreSQL
> server.
>
> I know in mySQL you can put any input going to the DB through a
> filter which encodes anything which would be malicious into mySQL
> safe data. I need something similar in postgreSQL. Specifically
> as a php implementation if it exists.
You can use pg_escape_string ()
http://www.php.net/pg_escape_string
Charley