Re: help with data recovery from injected UPDATE - Mailing list pgsql-general

From Scott Marlowe
Subject Re: help with data recovery from injected UPDATE
Date
Msg-id dcc563d10906111427t1e78f615ga10d0aa1c5c8f388@mail.gmail.com
Whole thread Raw
In response to Re: help with data recovery from injected UPDATE  ("Chris Spotts" <rfusca@gmail.com>)
Responses Re: help with data recovery from injected UPDATE
List pgsql-general
On Thu, Jun 11, 2009 at 1:32 PM, Chris Spotts<rfusca@gmail.com> wrote:
>
>> It's a classic story.  I'm volunteering about one day per month for
>> this project, learning SQL as I go.  Priority was always given to the
>> "get it working" tasks and never the "make it safe" tasks.  I had/have
>> grandiose plans to rewrite the whole system properly after I graduate.
>>  Unfortunately, the inevitable corruption didn't wait that long.
> As you're learning, it sounds like parametrized queries might have saved you
> from the sql injection that caused this.

Very true, and always a good idea.  However, OPs true failure here is
on the backup front.  Without recent, reliable backups, on another
machine / media / datacenter etc. is the only way your data can be
truly safe.

pgsql-general by date:

Previous
From: Greg Smith
Date:
Subject: Re: Postgres auditing features
Next
From: Andy Colson
Date:
Subject: Re: search for partial dates