Re: Request for WikiEditing privilege - Mailing list pgsql-www

From Sadeq Dousti
Subject Re: Request for WikiEditing privilege
Date
Msg-id CADE6LvgysVye=WzBiNNCEUd=KATN5RF7ccP+nXtUUFkwtSfDnw@mail.gmail.com
In response to Re: Request for WikiEditing privilege  (Alvaro Herrera <alvherre@alvh.no-ip.org>)
List pgsql-www
Dear Álvaro,

Thanks a lot for giving me the edit permission. I applied all your suggestions.

I noted, however, that my initial suggestion of using FORMAT + %L does not work, as it quotes the query supplied to EXPLAIN. 
As such, I used FORMAT + %s, with a warning that the function is susceptible to SQLi.

Best wishes,
Sadeq

On Mon, Nov 11, 2024 at 11:00 AM Alvaro Herrera <alvherre@alvh.no-ip.org> wrote:
Hello Sadeq,

On 2024-Nov-11, Sadeq Dousti wrote:

> I would like editor access to the wiki, my username is *msdousti* and I
> would like to modify the Count Estimate page (
> https://wiki.postgresql.org/wiki/Count_estimate).
> At the moment, it uses the string concatenation operator ||, which is
> susceptible to SQL injection.

Cool.  You're an editor now.

> I'd like to mention that, starting 9.1, the FORMAT function accepts %L, and
> add a query that uses %L to perform EXPLAIN (FORMAT JSON).

Sounds good.  If you can also modify the page to remove the <source> tag
and replace it with <syntaxhighlighting> while at it, it'd be great.
I'd even suggest to add a [[Category:Snippets]] line while at it, so
that this page shows up in the snippets index page.

--
Álvaro Herrera        Breisgau, Deutschland  —  https://www.EnterpriseDB.com/
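
The difference between `%L` and `%s` discussed in this thread, as an added example that is not part of either message or of the wiki page. The function names `count_estimate_query` and `count_estimate_table` are hypothetical, the input is constructed, and the `regclass` variant goes beyond what the thread proposes.

```sql
-- Added illustration; function names are hypothetical, input is constructed.

-- Compare the statement text format() builds for each specifier.
-- %L renders the argument as ONE quoted string literal, so EXPLAIN is handed
-- a string instead of a statement and EXECUTE fails with a syntax error.
-- %s splices the argument in verbatim, so the caller's text becomes SQL.
SELECT format('EXPLAIN (FORMAT JSON) %L', 'SELECT * FROM pg_class') AS with_l,
       format('EXPLAIN (FORMAT JSON) %s', 'SELECT * FROM pg_class') AS with_s;

-- Generic variant: it has to accept a whole query, so no format specifier
-- can make it safe. Treat the argument as trusted code, not as data.
CREATE FUNCTION count_estimate_query(query text) RETURNS bigint
LANGUAGE plpgsql AS $$
DECLARE
  plan json;
BEGIN
  EXECUTE format('EXPLAIN (FORMAT JSON) %s', query) INTO plan;
  RETURN (plan -> 0 -> 'Plan' ->> 'Plan Rows')::bigint;
END;
$$;

-- Functions are SECURITY INVOKER by default, so the spliced text runs with
-- the caller's privileges. Keep it that way and limit who may call it.
REVOKE EXECUTE ON FUNCTION count_estimate_query(text) FROM PUBLIC;

-- Narrow variant for the common "estimate rows in a table" case.
-- The regclass input must resolve to an existing relation, and its text form
-- is already identifier-quoted, so %s is the correct specifier here
-- (%I would quote it a second time).
CREATE FUNCTION count_estimate_table(tbl regclass) RETURNS bigint
LANGUAGE plpgsql AS $$
DECLARE
  plan json;
BEGIN
  EXECUTE format('EXPLAIN (FORMAT JSON) SELECT * FROM %s', tbl) INTO plan;
  RETURN (plan -> 0 -> 'Plan' ->> 'Plan Rows')::bigint;
END;
$$;

-- Usage: the argument is cast to regclass; a name that is not a relation
-- is rejected by the cast before any dynamic SQL is built.
SELECT count_estimate_table('pg_class');
```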
