Categories
System Administration

Table size in PostgreSQL

Disk space seems endless, until you run out and/or have to pay the bill. The question is how to find tables with a high disk storage usage and with the query below it shows the table and index size, but also the size of TOAST data for PostgreSQL. After running this query on the development […]

Categories
System Administration

Renaming database in PostgreSQL

Sometimes you have a system with legacy naming standards, but you really want to switch over to the new standard to keep all the scripting clean without some exceptions no one is going to remember in 12 months. Oracle had the command ALTER DATABASE, but since Oracle 10 you need to take the database offline […]

Categories
Software Development

Starting to stop SQL-injections, part 2

In a previous posting, I gave an example of how to make database queries safer by using parameter binding and basically stopping SQL-injections. The next step is to make the code more readable and maintainable. This doesn’t sound like a priority for secure software development, but readable code is also code that can be verified […]

Categories
Software Development

Starting to stop SQL-injections

In a lot of PHP-examples strings are concatenated before a database query is being executed as below. Some examples advise to use PHP-functions mysql_real_escape_string() and/or addslashes() to make database query safe against SQL-injections. But this isn’t really a solution as when using addslashes() also requires the use of stripslashes() after retrieving data from a database. […]

Categories
Internet, Unix en security

PostgreSQL en NULL

Mijn docenten zullen wel de koude rillingen krijgen, maar soms heb je gewoon attribuut op je tupel staan die de geen waarde heeft. NULL is hier de algemene benaming voor zoals C-programmeurs die ook wel kennen. De grap komt hoe je tupels gaat selecteren die geen waarde hebben. Veel mensen zie je het volgende statement […]