Re: missing quote_string - function - Mailing list pgsql-jdbc

From Dave Cramer
Subject Re: missing quote_string - function
Date
Msg-id 00ad01c167ec$6d45d380$c201a8c0@inspiron
Whole thread Raw
In response to missing quote_string - function  (tomcat@meinsenf.at)
List pgsql-jdbc
Hmmmm....

That's an interesting problem I will have to check to see if we are
vulnerable to that example

On the upside, if you use a prepared statement you won't have to do
anything, the string will be quoted for you


Dave

-----Original Message-----
From: pgsql-jdbc-owner@postgresql.org
[mailto:pgsql-jdbc-owner@postgresql.org] On Behalf Of tomcat@meinsenf.at
Sent: November 7, 2001 6:31 PM
To: pgsql-jdbc@postgresql.org
Subject: [JDBC] missing quote_string - function


Hi,

I'm new to postgresql (used MySQL before)!
I'm looking for a function to quote a query-string!
There's a function in MySQL (eg in PHP:
http://www.php.net/manual/en/function.mysql-escape-string.php) - is
there
nothing in postgresql's JDBC???

thanks
michi



---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster


pgsql-jdbc by date:

Previous
From: tomcat@meinsenf.at
Date:
Subject: missing quote_string - function
Next
From: Erwin Ambrosch
Date:
Subject: Connection and Statement