Home > mailing lists

Re: Little note to php coders - Mailing list pgsql-hackers

From	Nigel J. Andrews
Subject	Re: Little note to php coders
Date	October 8, 2002 09:11:19
Msg-id	Pine.LNX.4.21.0210081106380.3248-100000@ponder.fairway2k.co.uk Whole thread Raw
In response to	Little note to php coders (Sir Mordred The Traitor <mordred@s-mail.com>)
Responses	Re: Little note to php coders (Robert Treat <xzilla@users.sourceforge.net>)
List	pgsql-hackers

Tree view

On Tue, 8 Oct 2002, Sir Mordred The Traitor wrote:

> Check out this link, if you need something to laugh at:
> http://www.postgresql.org/idocs/index.php?1'
> 
> Keeping in mind, that there are bunch of overflows in PostgreSQL(really?),
> it is
> very dangerous i guess. Right?

I'm not sure what list this really fits onto so I've left as hackers.

The old argument about data validation and whose job it is. However, is there a
reason why all CGI parameters aren't scanned and rejected if they contain
any punctuation. I was going to say if they contain anything non alphanumeric
but then I'm not sure about internationalisation and that test.

-- 
Nigel J. Andrews

pgsql-hackers by date:

From: Sir Mordred The Traitor
Date: 08 October 2002, 08:58:38
Subject: Little note to php coders

From: Vince Vielhaber
Date: 08 October 2002, 09:34:46
Subject: Re: Little note to php coders

Re: Little note to php coders - Mailing list pgsql-hackers

Previous

Next