| From: | Ashesh Vashi <ashesh(dot)vashi(at)enterprisedb(dot)com> |
|---|---|
| To: | Harshal Dhumal <harshal(dot)dhumal(at)enterprisedb(dot)com> |
| Cc: | pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org> |
| Subject: | Re: New macros for sequence node [pgadmin4] |
| Date: | 2016-02-10 07:36:28 |
| Message-ID: | CAG7mmozjgCQDUx=1-BK9Jr0oyb0hic11GA9FOGAHTk4MfkmDng@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-hackers |
On Tue, Feb 9, 2016 at 3:48 PM, Harshal Dhumal <
harshal(dot)dhumal(at)enterprisedb(dot)com> wrote:
> Hi,
>
> PFA of macros (privilege, security) for sequence node.
>
> Also fixed minor issue in security macro (removed unwanted qtIdent for
> provider)
>
This is not allowed.
We can't pass on the data coming from the client blindly to the server.
It is an area, which can introduce the SQL injection in our code.
Hence - I can't allowed that.
--
Thanks & Regards,
Ashesh Vashi
EnterpriseDB INDIA: Enterprise PostgreSQL Company
<http://www.enterprisedb.com/>
*http://www.linkedin.com/in/asheshvashi*
<http://www.linkedin.com/in/asheshvashi>
>
>
>
> --
> *Harshal Dhumal*
> *Software Engineer *
>
>
>
> EenterpriseDB <http://www.enterprisedb.com>
>
>
> --
> Sent via pgadmin-hackers mailing list (pgadmin-hackers(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgadmin-hackers
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ashesh Vashi | 2016-02-10 07:41:10 | pgAdmin 4 commit: Allow to use the select2 with multiple selection. Cha |
| Previous Message | Ashesh Vashi | 2016-02-10 07:32:15 | Re: PATCH: Added macro for default privileges [pgAdmin4] |