* Rikul Patel <rikul7@yahoo.com> [001017 01:07] wrote:
> Hi,
>
> Is there any way I can restrict number of queries to
> only one? Here's the problem:
>
> If PHP script gets some data as input from user, and
> PHP scripts tries to put this data into Postgresql,
> what's keeping the user to modify the data in way to
> have postgresql execute two queries.
>
> So instead of some PHP script generating query like
> "select * from table where text='some text' or id=1",
> some malicious user could make it generate "select *
> from table where text='some text' or id=1;delete from
> table"
see php's addslashes() function.
--
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
"I have the heart of a child; I keep it in a jar on my desk."