Re: stripping HTML, SQL injections ...

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: pgsql-general(at)postgresql(dot)org
Cc: "madhtr" <madhtr(at)schif(dot)org>
Subject: Re: stripping HTML, SQL injections ...
Date: 2007-11-15 23:16:38
Message-ID: 200711160016.38441.peter_e@gmx.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

madhtr wrote:
> Quick question, are there any native functions in PostGreSQL 8.1.4 that
> will strip HTML tags, escape chars, etc?

Using an SQL function to circumvent SQL injections probably isn't the wisest
of ideas.

--
Peter Eisentraut
http://developer.postgresql.org/~petere/

In response to

Browse pgsql-general by date

  From Date Subject
Next Message Tom Hart 2007-11-15 23:17:25 Re: Tom thinks it's bad code was 8.3 vs 8.2 sql compatibility issue
Previous Message Tom Hart 2007-11-15 23:14:35 Re: automating backups with windows scheduled tasks and pg_dumpall