Anybody Using PostgreSQL?

eric235u · 2008-07-12 14:21:18

i'm going to be using it. i know flux and can do it but was wondering if anybody else here is using postgre?

i'm also concerned with mention of a possible exploit. anybody know about this?
http://fluxbb.org/forums/post/9980/#p9980

thanks for any info.

please don't turn this into a mysql vs postgre flame war. i like both databases very much.

MattF · 2008-07-12 22:03:18

With 1.2*, yes. I've given it a quick whirl with 1.3 a couple of times, (for testing), and no problems were encountered. Worked as sweet as a nut.

As to that exploit thing, I've no idea. As you can probably guess, I'm interested in the outcome of that post too.

Smartys · 2008-07-13 02:04:00

The post was referring to the SQL inject corrected in the current set of hotfixes.
The problem is that PostgreSQL and many other DBMS allow for multiple queries to be sent, using ; as the delimiter. That means any SQL inject can lead to an arbitrary new query being run. MySQL only allows one query per function call except when using a certain mysqli function.

MattF · 2008-07-13 02:13:25

Smartys wrote:

The post was referring to the SQL inject corrected in the current set of hotfixes.
The problem is that PostgreSQL and many other DBMS allow for multiple queries to be sent, using ; as the delimiter. That means any SQL inject can lead to an arbitrary new query being run. MySQL only allows one query per function call except when using a certain mysqli function.

Cheers for that. I assume that's not a problem which affects the 1.2* branch, just 1.3*?

Smartys · 2008-07-13 02:30:23

Correct, the SQL inject was in 1.3.

Forums

#1 2008-07-12 14:21:18

Anybody Using PostgreSQL?

#2 2008-07-12 22:03:18

Re: Anybody Using PostgreSQL?

#3 2008-07-13 02:04:00

Re: Anybody Using PostgreSQL?

#4 2008-07-13 02:13:25

Re: Anybody Using PostgreSQL?

#5 2008-07-13 02:30:23

Re: Anybody Using PostgreSQL?

Board footer