On Sat, Apr 26, 2008 at 11:32 AM, Thomas Mueller <[EMAIL PROTECTED]> wrote: > > The 'ALLOW_LITERALS NONE' mode is enabled by the developer itself, or > by an administrator.
then it solves nothing... what if the developer never SET ALLOW_LITERALS NONE or maybe i can inject "select * from tab where intcol = intcol; set allow_literals all; add any query you want" -- regards, Jaime Casanova Soporte de PostgreSQL Guayaquil - Ecuador Cel. (593) 087171157 -- Sent via pgsql-sql mailing list (pgsql-sql@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-sql
