| From: | RebeccaJ <rebeccaj(at)gmail(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: text column constraint, newbie question |
| Date: | 2009-03-23 21:11:28 |
| Message-ID: | a8455a10-a4c6-4277-ac08-e150c11c7281@e1g2000pra.googlegroups.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mar 22, 12:36 pm, scott(dot)marl(dot)(dot)(dot)(at)gmail(dot)com (Scott Marlowe) wrote:
> ayup. As long as they're legal for your encoding, they'll go right in.
> If you wanna stuff in anything no matter the encoding, use a database
> initialized for SQL_ASCII encoding.
Thanks, everyone, for your contribution to this thread. I'm
approaching the database design of my web application differently,
now. Before, I was planning to have CHECK constraints in all of my
text or char fields, to keep out all semicolons, single quotes, and
anything else that looked dangerous. Now I'm thinking that I'll be
using htmlentities(), pg_escape_string() and pg_query_params() as
safety filters, and otherwise allowing users to store whatever they
want to, in the fields where I store/retrieve user input.
Scott, your comment above introduced some new concepts to me, and now
I'm thinking about foreign language text and other ways to be more
flexible. I found this page that talks about encoding:
http://www.postgresql.org/docs/8.3/static/multibyte.html
And I wonder why you like SQL_ASCII better than UTF8, and whether
others have any opinions about those two. (My web server's LC_CTYPE is
C, so I can use any character set.) Wouldn't UTF8 allow more
characters than SQL_ASCII?
Thanks again!
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Marinos Yannikos | 2009-03-23 21:22:21 | 1- and 2-dimensional indexes on same column: why is the 2d one preferred? |
| Previous Message | Scott Marlowe | 2009-03-23 21:01:20 | Re: unexpected check constraint violation |