Bill Moran wrote:
>
>
>Simply put:
>1) If the untrusted value is a string, using a proper escape sequence should
> make it safe.
> >
in pgsql (and mysql) you can escape almost everything.
update table set a = '5' is corrent, even is column a is integer type. You can't escape the null value.
Mage
---------------------------(end of broadcast)--------------------------- TIP 6: Have you searched our list archives?
http://archives.postgresql.org
