Home > mailing lists

Re: How does one make the following psql statement sql-injection resilient? - Mailing list pgsql-general

From	Alvaro Herrera
Subject	Re: How does one make the following psql statement sql-injection resilient?
Date	March 17, 2015 06:59:07
Msg-id	20150317035931.GJ3636@alvh.no-ip.org Whole thread Raw
In response to	Re: How does one make the following psql statement sql-injection resilient? ("David G. Johnston" <david.g.johnston@gmail.com>)
Responses	Re: How does one make the following psql statement sql-injection resilient? ("David G. Johnston" <david.g.johnston@gmail.com>)
List	pgsql-general

Tree view

David G. Johnston wrote:

> Thanks!  I got the gist even with the typo.  I actually pondered about
> prepare/execute after hitting send.  Am I correct in remembering that
> "CREATE TEMP TABLE" cannot be prepared?  I was using the actual query with
> CREATE TEMP TABLE and then issuing "\copy" to dump the result out to the
> file.  The limitation of copy to having to be written on a single line
> makes the intermediary temporary table seem almost a necessity.

CREATE TEMP TABLE AS EXECUTE

--
Álvaro Herrera                http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

pgsql-general by date:

From: Craig Ringer
Date: 17 March 2015, 06:43:30
Subject: Re: bdr replication latency monitoring

From: Craig Ringer
Date: 17 March 2015, 06:59:53
Subject: Re: Postgresql BDR(Bi-Directional Replication) Latency Monitoring

Re: How does one make the following psql statement sql-injection resilient? - Mailing list pgsql-general

Previous

Next