Re: [gnome-db] patch to replace gda_connection_escape_string() with gda_connection_value_to_sql_string()

From: Bas Driessen <bas driessen xobas com>
To: Alan Knowles <alan akbkhome com>
Cc: Rodrigo Moya <rodrigo gnome-db org>, GNOME-DB List <gnome-db-list gnome org>
Subject: Re: [gnome-db] patch to replace gda_connection_escape_string() with gda_connection_value_to_sql_string()
Date: Tue, 19 Apr 2005 12:46:41 +1000

On Tue, 2005-04-19 at 10:37 +0800, Alan Knowles wrote:

Bas, can you try this patch, it builds ok here, and should export the
method to the right place.

http://devel.akbkhome.com/svn/index.php/libgda/to_sql_string_fixes.diff.txt

At present the to_sql_local is susceptable to SQL injection attacks, so
it's probably better to use the string escaping in this.

Regards
Alan

Thanks Allan, will try it later today/this evening and let you know results.

Bas.

Follow-Ups:
- Re: [gnome-db] patch to replace gda_connection_escape_string() with gda_connection_value_to_sql_string()
  - From: Bas Driessen

References:
- Re: [gnome-db] patch to replace gda_connection_escape_string() with gda_connection_value_to_sql_string()
  - From: Bas Driessen
- Re: [gnome-db] patch to replace gda_connection_escape_string() with gda_connection_value_to_sql_string()
  - From: Alan Knowles
- Re: [gnome-db] patch to replace gda_connection_escape_string() with gda_connection_value_to_sql_string()
  - From: Alan Knowles

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]