Re: How does one make the following psql statement sql-injection resilient?

Поиск
Список
Период
Сортировка
От David G. Johnston
Тема Re: How does one make the following psql statement sql-injection resilient?
Дата
Msg-id CAKFQuwZp=+_yEFkiFZH1WnSBCusyhjzabgCWwoO+wfYh=6UmZA@mail.gmail.com
обсуждение исходный текст
Ответ на Re: How does one make the following psql statement sql-injection resilient?  (Alvaro Herrera <alvherre@2ndquadrant.com>)
Ответы Re: How does one make the following psql statement sql-injection resilient?  ("David G. Johnston" <david.g.johnston@gmail.com>)
Список pgsql-general
Дерево обсуждения
On Thu, Mar 19, 2015 at 12:43 PM, Alvaro Herrera <alvherre@2ndquadrant.com> wrote:
David G. Johnston wrote:

> Except that server "COPY" only is documented to accept a "query" that
> begins with either SELECT or VALUES :(
>
> I hereby voice my desire for EXECUTE to be usable as well.

Feel free to submit a patch ...

​I get your point though if anyone else wants this before 2017 they shouldn't count on me.

David J.
 

В списке pgsql-general по дате отправления:

Предыдущее
От: Alvaro Herrera
Дата:
Сообщение: Re: How does one make the following psql statement sql-injection resilient?
Следующее
От: Jason Dusek
Дата:
Сообщение: Re: regclass and format('%I')