Database security

Giuseppa Cefalu
Ranch Hand

Joined: Jul 15, 2011
Posts: 121
Could anyone refer me to a reading on database security and injection? Is this related to a proper way to write the SQL queries?
Thank you!
Giuseppa Cefalu
Ranch Hand

Joined: Jul 15, 2011
Posts: 121
I read somewhere that mysql_real_escape_string() claims to stop all SQL injection. How could I use mysql_real_escape_string() with JDBC?
Giuseppa Cefalu
Ranch Hand

Joined: Jul 15, 2011
Posts: 121
What happens when two users open the same database table? Can they both write to the table, or, if one user is writing, can the other user only read and is locked from writing?
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18570

Normally simultaneous writes are permitted. It would be extremely unusual to do anything else. Database systems are designed and programmed to allow access by many users at once.
Giuseppa Cefalu
Ranch Hand

Joined: Jul 15, 2011
Posts: 121
Thank you!

Are there any data integrity issues that I should be aware of and should manage in the JDBC program that connects and issues the read, update, insert and delete statements?
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18570

Absolutely there are. There's far too much to be posted in this little box, though. Start reading at Database transaction and follow the relevant-looking links. Whole books could be (and have been) written about the topic; you might benefit from reading one of those books.
Giuseppa Cefalu
Ranch Hand

Joined: Jul 15, 2011
Posts: 121
Thank you. This is a quote from one of the articles: "Of the four ACID properties in a DBMS (Database Management System), the isolation property is the one most often relaxed. When attempting to maintain the highest level of isolation, a DBMS usually acquires locks on data or implements multiversion concurrency control, which may result in a loss of concurrency. This requires adding additional logic for the application to function correctly." And this is example code for Transaction 1 Transaction 2





I guess I have to learn about repeated reads and dirty reads and include the appropriate code in the application to deal with these issues. I found the reading very helpful and I am not done with it yet; but, in the meantime, do you have any suggestions in relation to implementing concurrency control in the application that I might need to be aware of?
Giuseppa Cefalu
Ranch Hand

Joined: Jul 15, 2011
Posts: 121
Do you think that for the moment, while I implement concurrency code, I could have a single user reading, inserting and updating one table, while the other one reads, inserts and deletes a different one? Would concurrency be an issue if two users are connected and reading, inserting and updating the database at the same time even though they are working on different tables? Does the database management system take care of concurrent access to the database?