aspose file tools
The moose likes Security and the fly likes SQL Injection Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of Arduino in Action this week in the General Computing forum!

A special promo: Enter your blog post or vote on a blogger to be featured in an upcoming Journal
JavaRanch » Java Forums » Engineering » Security
Reply Bookmark "SQL Injection" Watch "SQL Injection" New topic
Author

SQL Injection

anjali ray
Greenhorn

Joined: Mar 12, 2005
Posts: 28
posted private message
0
Quote
I am using prepared statement to get data from the database.
Does anybody knows of any way to do a SQL injection because in a prepared statement, whatever I enter if is using that as a search criteria.
Thanks,
Anjali
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

I like...
Android Eclipse IDE Ubuntu
posted
0
Quote
"anjali",
Welcome to the JavaRanch.

We're a friendly group, but we do require members to have valid display names.

Display names must be two words: your first name, a space, then your last name. Fictitious names are not allowed.

Please edit your profile and correct your display name since accounts with display names get deleted, often without warning

thanks,
Dave
Anil Kumar Saha
Ranch Hand

Joined: Apr 07, 2004
Posts: 111
posted private message
0
Quote
prepared statement is used to avoid SQL injection,which could be a major security threat.So, if you use prepared statement ,then you don't have to worry about SQL injection

Regards,

Anil Kumar Saha
SCJP 1.4
http://www.agilej.blogspot.com/
 
I agree. Here's the link: http://zeroturnaround.com/jrebel - it saves me about five hours per week
 
subject: SQL Injection
 
Similar Threads
user authentication servlet problem
single quote throws exception - JDK 1.4.2 and SQL Server
SQL query
gatting the details of the user
sql injection