dbTalk Databases Forums  

SQL injections

comp.databases.postgresql


Laurenz Albe
 
Re: SQL injections - 03-31-2010, 09:30 AM

Anselmo Canfora wrote:
> query issued to Postgres:
> select quote_literal(''); drop table IDoNotExist; --') as result
>
> DBD::Pg::st execute failed: ERROR: table "idonotexist" does not exist
> DBD::Pg::st fetchall_arrayref failed: no statement executing
>
> http://search.cpan.org/~turnstep/DBD....1/Pg.pm#quote
>
> seems to be very suited for the purpose thanks!

Yes, that is exactly what you need.

Yours,
Laurenz Albe
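
The failure quoted above comes from pasting the value between the quotes of quote_literal() inside the query text. The sketch below is an added example, not part of the thread and not DBD::Pg's code: it rebuilds that query and lists the statements the server would see, next to a version quoted on the client. The function names, the simplified lexer and the quote-doubling stand-in (which assumes standard_conforming_strings = on) are assumptions of this example.

```python
# Added example: hypothetical helper names; PAYLOAD is reconstructed from the
# query quoted in the post. This is not DBD::Pg's implementation.
PAYLOAD = "'); drop table IDoNotExist; --"

def interpolated_query(value):
    """Vulnerable pattern: raw value pasted between the quotes in SQL text."""
    return "select quote_literal('" + value + "') as result"

def client_quote(value):
    """Simplified stand-in for client-side quoting: double every single quote.
    Assumes standard_conforming_strings = on (backslash is not an escape)."""
    if "\x00" in value:
        raise ValueError("NUL byte cannot appear in a PostgreSQL string literal")
    return "'" + value.replace("'", "''") + "'"

def quoted_query(value):
    """Hardened pattern: the value is quoted on the client before it is sent."""
    return "select " + client_quote(value) + " as result"

def statements(sql):
    """Split on ';' outside single-quoted literals and drop '--' comments.
    Simplified: ignores dollar quoting, E'' strings and /* */ comments."""
    out, cur, i, in_literal = [], [], 0, False
    while i < len(sql):
        ch = sql[i]
        if in_literal:
            cur.append(ch)
            if ch == "'" and sql[i + 1:i + 2] == "'":
                cur.append("'")          # doubled quote stays inside the literal
                i += 1
            elif ch == "'":
                in_literal = False
        elif sql.startswith("--", i):
            end = sql.find("\n", i)
            i = len(sql) if end == -1 else end
            continue
        elif ch == ";":
            out.append("".join(cur).strip())
            cur = []
        else:
            in_literal = (ch == "'")
            cur.append(ch)
        i += 1
    out.append("".join(cur).strip())
    return [s for s in out if s]

if __name__ == "__main__":
    for build in (interpolated_query, quoted_query):
        print(build.__name__, statements(build(PAYLOAD)))
```

In DBI code the corresponding choices are $dbh->quote($value), as linked in the post, or a ? placeholder bound at execute.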
