How to sanitize my PostreSQL user input?

Asked Aug 07 '17 at 09:44

Active Aug 07 '17 at 09:44

Viewed 77 times

i have a simple question: How would i go about sanitising my user input within my PLPGSQL function?

How is this generally done? I was not able to find detailed explanations. I want to defend myself against SQL injection.

I want to sanitise the search term. How would i do that? I read up on prepared statements, am not sure however, how to include them here. Help is appreciated!

asked Aug 07 '17 at 09:44

Divide by Zero

1,343
1
14
37

Use parameters for all your queries. – Gordon Linoff Aug 07 '17 at 10:31
@GordonLinoff could you give me an example, or a reference to the correct ressource? here is my actual question : https://stackoverflow.com/questions/45542789/querstion-regarding-using-keyword-in-my-sql-statement – Divide by Zero Aug 07 '17 at 11:17
1

https://www.postgresql.org/docs/current/static/sql-prepare.html – Gordon Linoff Aug 07 '17 at 11:20

How to sanitize my PostreSQL user input?

0 Answers0