Effectiveness of pg_escape_string at blocking SQL injection attacks

Поиск

Список

Период

Сортировка

От	Ed Finkler
Тема	Effectiveness of pg_escape_string at blocking SQL injection attacks
Дата	27 мая 2005 г. 15:57:12
Msg-id	4297435C.20605@cerias.purdue.edu обсуждение исходный текст
Ответы	Re: Effectiveness of pg_escape_string at blocking SQL injection attacks Re: Effectiveness of pg_escape_string at blocking SQL injection attacks Re: Effectiveness of pg_escape_string at blocking SQL injection attacks
Список	pgsql-php

Дерево обсуждения

Folks,

The php mysql api has a function "mysql_real_escape_string" that seems
to be able to thwart known SQL injection attacks -- at least the ones of
which I and other people I've discussed this with know.  I am curious to
know if pg_escape_string is as effective.  If not, what would need to be
modified to make it more effective?

(there is a possibility that I may be able to get a grad student to work
  on this at the center, so detailed responses would be appreciated.)

Thanks!

--
Ed Finkler
Web and Security Archive Administrator
CERIAS - Purdue University
http://www.cerias.purdue.edu/
v: 765.496.6762  f: 764.496.3181

В списке pgsql-php по дате отправления:

Предыдущее

От: Volkan YAZICI
Дата: 18 мая 2005 г., 11:46:32
Сообщение: Re: php5 and Pg 8.0.3 install from sources - problem

Следующее

От: Bruno Wolff III
Дата: 27 мая 2005 г., 16:00:48
Сообщение: Re: Effectiveness of pg_escape_string at blocking SQL injection attacks

Вход в личный кабинет

Восстановление пароля

Подтверждение аккаунта

Изменение пароля

Effectiveness of pg_escape_string at blocking SQL injection attacks

Предыдущее

Следующее