FYI My DBMail version is 2.2.11-rc1
El Tuesday 21 October 2008 09:28:30 Paul J Stevens escribió: > Josh Berkus wrote: > > > As such, it would be nice to see DBMail gradual migrate away from the > > use of \\ escapes. > > DBMail-2.2 doesn't use \\ escaping, and hasn't done so for quite some > time. All strings are escaped using PQescapeString and PQescapeBytea > which I assume will produce safe queries. So in my understanding the > postgres warning is a false positive. But - Josh - please correct me if > I'm wrong. > > Anyway, in 2.3+ no more escaping is used at all. All insertions are done > using parameter binding - that is, except for some numerical type > insertions where the values come from a trusted source (internal). > -- __________________________________________ Clist UAH __________________________________________ _______________________________________________ DBmail mailing list [email protected] https://mailman.fastxs.nl/mailman/listinfo/dbmail
