Re: Effectiveness of pg_escape_string at blocking SQL injection

Поиск
Список
Период
Сортировка
От Ed Finkler
Тема Re: Effectiveness of pg_escape_string at blocking SQL injection
Дата
Msg-id 42974BDD.8040807@cerias.purdue.edu
обсуждение исходный текст
Ответ на Re: Effectiveness of pg_escape_string at blocking SQL injection attacks  (Volkan YAZICI <volkan.yazici@gmail.com>)
Ответы Re: Effectiveness of pg_escape_string at blocking SQL  (Andrew McMillan <andrew@catalyst.net.nz>)
Список pgsql-php
Дерево обсуждения 
Volkan YAZICI wrote:

[snip]

> If you think, they're not enough for SQL-Injection attacks, I'd advice
> you to patch libpq code, not PHP.

This is very helpful information.  My initial thinking is that this
wouldn't be effective at catching SQL injections, but I'll need to
bounce this off a few other folks.

Thanks!

--
Ed Finkler
Web and Security Archive Administrator
CERIAS - Purdue University
http://www.cerias.purdue.edu/
v: 765.496.6762  f: 764.496.3181

В списке pgsql-php по дате отправления:

Предыдущее
От: Volkan YAZICI
Дата:
Сообщение: Re: Effectiveness of pg_escape_string at blocking SQL injection attacks
Следующее
От:
Дата:
Сообщение: Re: Effectiveness of pg_escape_string at blocking SQL injection