am Wed, dem 30.01.2008, um 13:48:59 -0800 mailte Mary Anderson folgendes:
> Hi all,
> I have a web app I would like to protect against postgreSQL
> injection. What characters should I be on the lookout for? Any Any
> suggestions for enhancing the security of my app are welcome.
The best way to protect against SQL-Injection are prepared statements,
read more about this:
http://www.postgresql.org/docs/current/static/sql-prepare.html
Andreas
--
Andreas Kretschmer
Kontakt: Heynitz: 035242/47150, D1: 0160/7141639 (mehr: -> Header)
GnuPG-ID: 0x3FFF606C, privat 0x7F4584DA http://wwwkeys.de.pgp.net