escaping literals (in libpq) - Mailing list pgsql-interfaces

From Volkan YAZICI
Subject escaping literals (in libpq)
Date
Msg-id 20050403002747.GA1158@alamut
Whole thread Raw
Responses Re: escaping literals (in libpq)
List pgsql-interfaces
Hi,

By using PQescapeString() and PQescapeBytea() we can protect SQL
commands from SQL-Injection. I just wonder if it's necessary to
use these escape functions when using PQexecParams() or
PQsendQueryParams(); or these execParam functions don't need
escaping literals?

# End of file


pgsql-interfaces by date:

Previous
From: Michael Fuhr
Date:
Subject: Re: Problems with PQfmod() returning -1 on varchar field (libpq-8.0.0 )?
Next
From: Robert Treat
Date:
Subject: Re: Fw: suscribe