This week's book giveaway is in the Mac OS forum.
We're giving away four copies of a choice of "Take Control of Upgrading to Yosemite" or "Take Control of Automating Your Mac" and have Joe Kissell on-line!
See this thread for details.
The moose likes Security and the fly likes SQL Injection Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Engineering » Security
Bookmark "SQL Injection" Watch "SQL Injection" New topic
Author

SQL Injection

anjali ray
Greenhorn

Joined: Mar 12, 2005
Posts: 28
I am using prepared statement to get data from the database.
Does anybody knows of any way to do a SQL injection because in a prepared statement, whatever I enter if is using that as a search criteria.
Thanks,
Anjali
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

"anjali",
Welcome to the JavaRanch.

We're a friendly group, but we do require members to have valid display names.

Display names must be two words: your first name, a space, then your last name. Fictitious names are not allowed.

Please edit your profile and correct your display name since accounts with display names get deleted, often without warning

thanks,
Dave
Anil Kumar Saha
Ranch Hand

Joined: Apr 07, 2004
Posts: 111
prepared statement is used to avoid SQL injection,which could be a major security threat.So, if you use prepared statement ,then you don't have to worry about SQL injection


Regards,

Anil Kumar Saha
SCJP 1.4
http://www.agilej.blogspot.com/
 
Consider Paul's rocket mass heater.
 
subject: SQL Injection