STI Handbook: Database Communication
Security
SQL Injections
BAD! A bad-actor client can sneak queries in.
var myQuery = request.result.data; // ; Drop or ggrher (DROP * FROM )
"SELECT * FROM TABLE WHERE id = " + myQuery + "; SELECT *ggrher (DROP * FROM );"
BETTER!
myResult.selectWhereSearchPhrase(int id)
myResult.selectWhereSearchPhrase(String searchPhrase)
myResult.RemoveTables
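The two patterns above side by side, as an added example that is not part of the original handbook. It uses Python with an in-memory SQLite database so it runs offline; the table `items`, the function names and the client input are assumptions made for the illustration, and `executescript()` stands in for a connection that accepts several statements per call.

```python
import sqlite3

def make_db():
    """Constructed sample data: an in-memory table standing in for the page's TABLE."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO items VALUES (?, ?)", [(1, "router"), (2, "switch")])
    conn.commit()
    return conn

def table_exists(conn, name):
    row = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (name,)
    ).fetchone()
    return row is not None

def select_concatenated(conn, my_query):
    """BAD: client input is pasted into the SQL text, as in the first snippet."""
    sql = "SELECT * FROM items WHERE id = " + my_query + ";"
    # executescript() runs every statement found in the text (assumption: it
    # stands in for a connection that accepts several statements per call).
    conn.executescript(sql)
    return sql

def select_where_id(conn, item_id):
    """BETTER: typed argument plus a bound parameter; the SQL text is constant."""
    if isinstance(item_id, bool) or not isinstance(item_id, int):
        raise TypeError("id must be an integer")
    return conn.execute("SELECT id, name FROM items WHERE id = ?", (item_id,)).fetchall()

def select_where_search_phrase(conn, search_phrase):
    """BETTER: the phrase is bound as data and is never parsed as SQL."""
    if not isinstance(search_phrase, str):
        raise TypeError("search phrase must be a string")
    return conn.execute(
        "SELECT id, name FROM items WHERE instr(name, ?) > 0", (search_phrase,)
    ).fetchall()

CLIENT_INPUT = "1; DROP TABLE items"  # constructed input in the shape the page describes

if __name__ == "__main__":
    bad, good = make_db(), make_db()
    select_concatenated(bad, CLIENT_INPUT)
    print("table left after concatenation:", table_exists(bad, "items"))
    print("rows from bound parameter:", select_where_search_phrase(good, CLIENT_INPUT))
    print("table left after bound parameter:", table_exists(good, "items"))
```

With the bound parameter the same input is only compared against the `name` column, so the query returns no rows and the table is untouched.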