File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
JDBC and Relational Databases
Joined: Sep 22, 2007
Oct 24, 2007 16:58:00
can someone help to configure out my app to prevent SQL injection ?
What can i do in resultSet ? i have to do something in my JTestField and JPasswordFile ?
Luis Claudio<br />MCSE ; CCNA ; SCJP 5.0
author & internet detective
Joined: May 26, 2003
Oct 24, 2007 17:56:00
refers to someone adding bad code to a statement. It has nothing to do with the resultset. By that point, it is too late.
The easiest way to prevent SQL injection is to always use prepared statements and make sure all values are supplied through bind variables as in:
field = ?
OCA 8 book
How To Ask Questions The Smart Way
SCEA Part 1
Part 2 & 3
Core Spring 3
TOGAF part 1
I agree. Here's the link:
subject: SQL injection
Malware inserted into my JSP?
Using strings within strings to read vars?
is server side validation is necessary always?
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2015