STI Handbook: Database Communication
Security

SQL Injections


BAD! A malicious client can sneak its own queries in, because the client's data is concatenated straight into the SQL text:
var myQuery = request.result.data; // ; Drop or ggrher (DROP * FROM )

"SELECT * FROM TABLE WHERE id = " + myQuery + "; SELECT *ggrher (DROP * FROM );"

BETTER! Expose fixed, typed methods instead of building the query from client input:
myResult.selectWhereSearchPhrase(int id)
myResult.selectWhereSearchPhrase(String searchPhrase)
myResult.RemoveTables
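
A sketch of the typed methods above in JavaScript, next to the concatenated query they replace. This is an added example, not code from the handbook; the table and column names (`items`, `id`, `name`), the `?` placeholder style and the helper `idFromRequest` are assumptions.

```javascript
// Added example. "items", "id" and "name" are hypothetical schema names.

// The pattern marked BAD: client input becomes part of the SQL text itself.
function unsafeQuery(myQuery) {
  return "SELECT * FROM items WHERE id = " + myQuery + ";";
}

// Hypothetical helper: turn a raw request value into an integer id, or refuse.
// Digits only, at most 15 of them, so the result is always a safe integer.
function idFromRequest(raw) {
  if (typeof raw !== "string" || !/^[0-9]{1,15}$/.test(raw)) {
    throw new TypeError("id must be a plain decimal integer");
  }
  return Number(raw);
}

// Mirrors the two overloads on the page. The SQL text is a constant; the input
// only travels in `values`, which the database driver binds as data.
function selectWhereSearchPhrase(arg) {
  if (typeof arg === "number") {
    if (!Number.isSafeInteger(arg)) {
      throw new TypeError("id must be an integer");
    }
    return { text: "SELECT * FROM items WHERE id = ?", values: [arg] };
  }
  if (typeof arg === "string") {
    // Escape LIKE wildcards so the phrase is matched literally.
    const literal = arg.replace(/[!%_]/g, (c) => "!" + c);
    return {
      text: "SELECT * FROM items WHERE name LIKE ? ESCAPE '!'",
      values: ["%" + literal + "%"],
    };
  }
  throw new TypeError("expected an integer id or a string search phrase");
}

// Constructed input, modelled on the comment in the BAD example.
const hostile = "1; DROP TABLE items";

console.log(unsafeQuery(hostile));             // second statement is now SQL
console.log(selectWhereSearchPhrase(hostile)); // same bytes, but only a value
console.log(selectWhereSearchPhrase(idFromRequest("42")));
```

The returned `{ text, values }` pair is meant to be handed to a driver's prepared-statement call, so the client never influences the statement text.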