Florian Weimer <[EMAIL PROTECTED]> writes: > We therefore suggest that a string escaping function is included in a > future version of PostgreSQL and libpq. A sample implementation is > provided below, along with documentation. We have now released a description of the problems which occur when a string escaping function is not used: http://cert.uni-stuttgart.de/advisories/apache_auth.php What further steps are required to make the suggested patch part of the official libpq library? Thanks, -- Florian Weimer [EMAIL PROTECTED] University of Stuttgart http://cert.uni-stuttgart.de/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898 ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
- [HACKERS] Escaping strings for inclusion into SQL queries Florian Weimer
- Re: [HACKERS] Escaping strings for inclusion into SQ... Florian Weimer
- Re: [HACKERS] Escaping strings for inclusion into SQ... Bruce Momjian
- Re: [HACKERS] Escaping strings for inclusion into SQ... Bruce Momjian
- Re: [HACKERS] Escaping strings for inclusion into SQ... Mitch Vincent
- Re: [HACKERS] Escaping strings for inclusion int... Florian Weimer
- Re: [HACKERS] Escaping strings for inclusion into SQ... Alex Pilosov
- Re: [HACKERS] Escaping strings for inclusion into SQ... Mitch Vincent
- Re: [HACKERS] Escaping strings for inclusion into SQ... Hannu Krosing
- Re: [HACKERS] Escaping strings for inclusion into SQ... Barry Lind
- Re: [HACKERS] Escaping strings for inclusion into SQ... Hannu Krosing
- Re: [HACKERS] Escaping strings for inclusion into SQ... Peter Eisentraut