This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes JDBC and the fly likes Struts and SQL Injection. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Databases » JDBC
Bookmark "Struts and SQL Injection." Watch "Struts and SQL Injection." New topic
Author

Struts and SQL Injection.

pawan chopra
Ranch Hand

Joined: Jan 23, 2008
Posts: 410

Hi,

I want to know that does Struts prevents from SQL Injection? If yes then how? Thanks!


Pawan Chopra
SCJP - DuMmIeS mInD
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17249
    
    6

pawan chopra wrote:Hi,

I want to know that does Struts prevents from SQL Injection? If yes then how? Thanks!


No, it isn't Struts responsibility to prevent SQL injection.

Mark


Perfect World Programming, LLC - Two Laptop Bag - Tube Organizer
How to Ask Questions the Smart Way FAQ
Hong Anderson
Ranch Hand

Joined: Jul 05, 2005
Posts: 1936
No, SQL injection is not related to Struts or any web frameworks, you can prevent SQL injection by using PreparedStatement.


SCJA 1.0, SCJP 1.4, SCWCD 1.4, SCBCD 1.3, SCJP 5.0, SCEA 5, SCBCD 5; OCUP - Fundamental, Intermediate and Advanced; IBM Certified Solution Designer - OOAD, vUML 2; SpringSource Certified Spring Professional
pawan chopra
Ranch Hand

Joined: Jan 23, 2008
Posts: 410

Kengkaj Sathianpantarit wrote:No, SQL injection is not related to Struts or any web frameworks, you can prevent SQL injection by using PreparedStatement.


Can you suggest me any link? Thanks!
Bauke Scholtz
Ranch Hand

Joined: Oct 08, 2006
Posts: 2458
http://google.com/search?q=preparedstatement+tutorial+site:sun.com
Jan Cumps
Bartender

Joined: Dec 20, 2006
Posts: 2491
    
    8

There are some pointers on the JavaRanch Security FAQ


OCUP UML fundamental and ITIL foundation
youtube channel
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
 
subject: Struts and SQL Injection.
 
Similar Threads
Struts XSS and SQL Injection vulnerabilities
Does this sound believable?
avoid sql injection
PreparedStatement - to use or not to use
Using strings within strings to read vars?