Re: Little note to php coders - Mailing list pgsql-hackers

From Nigel J. Andrews
Subject Re: Little note to php coders
Date
Msg-id Pine.LNX.4.21.0210081106380.3248-100000@ponder.fairway2k.co.uk
Whole thread Raw
In response to Little note to php coders  (Sir Mordred The Traitor <mordred@s-mail.com>)
Responses Re: Little note to php coders
List pgsql-hackers
On Tue, 8 Oct 2002, Sir Mordred The Traitor wrote:

> Check out this link, if you need something to laugh at:
> http://www.postgresql.org/idocs/index.php?1'
> 
> Keeping in mind, that there are bunch of overflows in PostgreSQL(really?),
> it is
> very dangerous i guess. Right?

I'm not sure what list this really fits onto so I've left as hackers.

The old argument about data validation and whose job it is. However, is there a
reason why all CGI parameters aren't scanned and rejected if they contain
any punctuation. I was going to say if they contain anything non alphanumeric
but then I'm not sure about internationalisation and that test.


-- 
Nigel J. Andrews



pgsql-hackers by date:

Previous
From: Sir Mordred The Traitor
Date:
Subject: Little note to php coders
Next
From: Vince Vielhaber
Date:
Subject: Re: Little note to php coders