Tonu Samuel <tonuat_private> writes: > I would like to make your attention on bug which was introduced tonight > and can affect some people who are using (var)char field to store > timestamp data. Since the winnings are so slim, I hope not many people fell pray to this bug. If you're gonna waste 5 bytes on convenience, wasting a 6th to buy you peace at least until Unix doomsday does not seem too much. If you were expecting speed earnings (no strtoul-ing the input) these get pretty much zilched should you later compare the strings. > In MySQL we suggested people to use quotation marks around integer > values. Which won't protect you from '; attacks, of course. So why not just make sure that it is a real integer (ahem)? In Perl it would be as easy as adding zero. > This is the reason why people put quotation marks around integer > expressions and this is correct. Really? > But when both column is character type and expression, they get > compared as strings. As is to be expected when you're lying to your software. The date types are there for a reason. -- Robbe
This archive was generated by hypermail 2b30 : Wed Sep 12 2001 - 11:51:29 PDT