File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Security and the fly likes SQL Injection Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of The Software Craftsman this week in the Agile forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "SQL Injection" Watch "SQL Injection" New topic

SQL Injection

anjali ray

Joined: Mar 12, 2005
Posts: 28
I am using prepared statement to get data from the database.
Does anybody knows of any way to do a SQL injection because in a prepared statement, whatever I enter if is using that as a search criteria.
David O'Meara

Joined: Mar 06, 2001
Posts: 13459

Welcome to the JavaRanch.

We're a friendly group, but we do require members to have valid display names.

Display names must be two words: your first name, a space, then your last name. Fictitious names are not allowed.

Please edit your profile and correct your display name since accounts with display names get deleted, often without warning

Anil Kumar Saha
Ranch Hand

Joined: Apr 07, 2004
Posts: 111
prepared statement is used to avoid SQL injection,which could be a major security threat.So, if you use prepared statement ,then you don't have to worry about SQL injection


Anil Kumar Saha
SCJP 1.4
subject: SQL Injection