| From: | "Ross J(dot) Reedstrom" <reedstrm(at)rice(dot)edu> |
|---|---|
| To: | pgsql-sql(at)postgresql(dot)org |
| Subject: | Re: replace " with nothing |
| Date: | 2011-05-11 21:25:34 |
| Message-ID: | 20110511212533.GB4796@rice.edu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
On Wed, May 11, 2011 at 11:11:07PM +0200, Leif Biberg Kristensen wrote:
>
> although it's a little above me why you would want to select firstname in the
> first place when you proceed to replace it with nothing.
Nah, he's replacing double-quote-character " with nothing.
An attempt to protect against little Bobby Tables, I assume. (see:
http://xkcd.com/327/ aka SQL injection attacks, but not as fun)
Ross
--
Ross Reedstrom, Ph.D. reedstrm(at)rice(dot)edu
Systems Engineer & Admin, Research Scientist phone: 713-348-6166
Connexions http://cnx.org fax: 713-348-3665
Rice University MS-375, Houston, TX 77005
GPG Key fingerprint = F023 82C8 9B0E 2CC6 0D8E F888 D3AE 810E 88F0 BEDE
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Leif Biberg Kristensen | 2011-05-11 21:37:17 | Re: replace " with nothing |
| Previous Message | Ross J. Reedstrom | 2011-05-11 21:22:32 | Re: replace " with nothing |