From: | Harshal Dhumal <harshal(dot)dhumal(at)enterprisedb(dot)com> |
---|---|
To: | Ashesh Vashi <ashesh(dot)vashi(at)enterprisedb(dot)com> |
Cc: | pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org> |
Subject: | Re: New macros for sequence node [pgadmin4] |
Date: | 2016-02-10 12:11:24 |
Message-ID: | CAFiP3vz=dO7t9Lc3o-3+MsE3apQzjzRs60ZFR3S2PRGNKJyCwQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgadmin-hackers |
Hi,
Here is updated patch for macros. I have added required validation in
macros.
--
*Harshal Dhumal*
*Software Engineer *
EenterpriseDB <http://www.enterprisedb.com>
On Wed, Feb 10, 2016 at 1:06 PM, Ashesh Vashi <ashesh(dot)vashi(at)enterprisedb(dot)com
> wrote:
> On Tue, Feb 9, 2016 at 3:48 PM, Harshal Dhumal <
> harshal(dot)dhumal(at)enterprisedb(dot)com> wrote:
>
>> Hi,
>>
>> PFA of macros (privilege, security) for sequence node.
>>
>> Also fixed minor issue in security macro (removed unwanted qtIdent for
>> provider)
>>
> This is not allowed.
> We can't pass on the data coming from the client blindly to the server.
> It is an area, which can introduce the SQL injection in our code.
>
> Hence - I can't allowed that.
>
> --
>
> Thanks & Regards,
>
> Ashesh Vashi
> EnterpriseDB INDIA: Enterprise PostgreSQL Company
> <http://www.enterprisedb.com/>
>
>
> *http://www.linkedin.com/in/asheshvashi*
> <http://www.linkedin.com/in/asheshvashi>
>
>>
>>
>>
>> --
>> *Harshal Dhumal*
>> *Software Engineer *
>>
>>
>>
>> EenterpriseDB <http://www.enterprisedb.com>
>>
>>
>> --
>> Sent via pgadmin-hackers mailing list (pgadmin-hackers(at)postgresql(dot)org)
>> To make changes to your subscription:
>> http://www.postgresql.org/mailpref/pgadmin-hackers
>>
>>
>
Attachment | Content-Type | Size |
---|---|---|
macros_10_Feb_1.patch | text/x-patch | 3.2 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Harshal Dhumal | 2016-02-10 12:16:24 | Re: Patch sequence node [pgadmin4] |
Previous Message | Dave Page | 2016-02-10 11:56:43 | Re: Backup and Restore dialog documentation updates |