Hello
2010/5/30 Dennis Gearon <gearond@sbcglobal.net>:
> I'm trying to build a way to bulk load from a script to a Dbase, postgres.
>
> Using single, parameterized statements is a pretty good defense against SQL injection, so I use Symfony as the main
userinput.
>
> But for this bulk loading, it's tooooooo slow.
Maybe you have enabled autocomit - then it can be very very slow.
>
> If I build a text based, COPY file for bulk purposes, to be input via the command line, is Postgres vulnerable to SQL
injectionfrom that?
SQL database cannot be injected via NON SQL statemenst like COPY.
Regards
Pavel Stehule
>
>
> Dennis Gearon
>
> Signature Warning
> ----------------
> EARTH has a Right To Life,
> otherwise we all die.
>
> Read 'Hot, Flat, and Crowded'
> Laugh at http://www.yert.com/film.php
>
> --
> Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-general
>
