Postgres Pro
Downloads
Home   >   mailing lists

Re: How to ensure that a stored function always returns TRUE or FALSE? - Mailing list pgsql-general

From Pavel Stehule
Subject Re: How to ensure that a stored function always returns TRUE or FALSE?
Date
Msg-id CAFj8pRByn0fGP0nK=0o0y-6qmuCPMVWkUwkOedTOtHXjjGqmwA@mail.gmail.com
Whole thread Raw
In response to Re: How to ensure that a stored function always returns TRUE or FALSE?  (Alexander Farber <alexander.farber@gmail.com>)
List pgsql-general
Tree view
Hi

2016-03-02 19:31 GMT+01:00 Alexander Farber <alexander.farber@gmail.com>:
Thank you all for the valuable replies.


but the former has the edge case of NULL=NULL returning TRUE
and with the latter I would have to be careful with the way I call my function -
and I am worried I might forget it later and this is a security related...

So I will probably use this function:

CREATE OR REPLACE FUNCTION check_user(in_social integer, 
        in_sid varchar(255), 
        in_auth varchar(32))
        RETURNS boolean AS
$func$
        SELECT CASE 
                WHEN in_social IS NULL THEN FALSE
                WHEN in_sid    IS NULL THEN FALSE
                WHEN in_auth   IS NULL THEN FALSE
                ELSE (MD5('secret word' || in_social || in_sid) = in_auth)
        END;

$func$ LANGUAGE sql IMMUTABLE;

this solution is ilustrative, but probably slower

I hope so function

REATE OR REPLACE FUNCTION check_user(in_social integer, 
        in_sid varchar(255), 
        in_auth varchar(32))
        RETURNS boolean AS
$func$
        SELECT COALESCE(MD5('secret word' || in_social || in_sid) = in_auth, FALSE)
$func$ LANGUAGE sql IMMUTABLE;

should to return same result quckly.

Regards

Pavel

 

Regards
Alex






pgsql-general by date:

Previous
From: Alexander Farber
Date:
Subject: Re: How to ensure that a stored function always returns TRUE or FALSE?
Next
From: Adrian Klaver
Date:
Subject: Re: $user namespace with pg_dump?