Home > mailing lists

Re: SQL injection, php and queueing multiple statement - Mailing list pgsql-general

From	Tom Lane
Subject	Re: SQL injection, php and queueing multiple statement
Date	April 12, 2008 16:39:43
Msg-id	16968.1208018378@sss.pgh.pa.us Whole thread Raw
In response to	Re: SQL injection, php and queueing multiple statement (Ivan Sergio Borgonovo <mail@webthatworks.it>)
Responses	Re: SQL injection, php and queueing multiple statement (Ivan Sergio Borgonovo <mail@webthatworks.it>)
List	pgsql-general

Tree view

Ivan Sergio Borgonovo <mail@webthatworks.it> writes:
> I may sound naive but having a way to protect the DB from this kind
> of injections looks as a common problem, I'd thought there was
> already a common solution.

Use prepared statements.

            regards, tom lane

pgsql-general by date:

From: Ray Stell
Date: 12 April 2008, 16:22:36
Subject: Re: PostgreSQL Processes on a linux box

From: "Dawid Kuroczko"
Date: 12 April 2008, 17:30:23
Subject: Re: Postgres on shared network drive

Re: SQL injection, php and queueing multiple statement - Mailing list pgsql-general

Previous

Next