Hello,
Is het possible tot REVOKE the ALTER USER command? In such a way that users cannot change their password and username?
And also cannot delete themeself with DROP USER?
Now I solve the problem in PHP, to filter de SQL query string behore sending to postgresql as follows:
1. selete double, triple etc, spaces (with regular expression: ~ {2,}~)
2. upper the string (with strtoupper())
3. delete SQL commondos (with '#(ALTER USER|DROP USER)#siU'
but you can still create a pgsql function that's excute SQL commando's and maybe other ways... So this isn't a good option.
I can't make new database users. That is forbidden by my host. So i don't want to lose any users. Has someone ideas??
Greetz,
Tjibbe
De nieuwe Hotmail: Nu 2 GB aan opslag - dat zijn maar liefst 1000 foto's - en nog steeds gratis!
Windows Live Hotmail