Java Forum

Ask Question   UnAnswered
Home » Forum » Java       RSS Feeds

sql injection

  Asked By: Rainhard    Date: Apr 20    Category: Java    Views: 805

I am a beginner in j2ee.
I wanaa know how I can prevent sql injection in j2ee applications,



3 Answers Found

Answer #1    Answered By: Gilberto Thompson     Answered On: Apr 20

this completely depends on your architecture and your components!
this is a general method working for any web application including J2EE ones:
when ever you have a usecase that client can enter a text that will be used as a part of a sql  
check it to make sure it has not included any SQL.

Answer #2    Answered By: Abbas Hashmi     Answered On: Apr 20

you can prevent  SQL injection  via named queries in ORMs or PreparedStatement in JDBC.

Answer #3    Answered By: Jana Franklin     Answered On: Apr 20

you can impl this functionality , but org.apache.commons.lang
have same component for this usage
see it , org.apache.commons.lang.StringEscapeUtils

Didn't find what you were looking for? Find more on sql injection Or get search suggestion and latest updates.