  #1 (permalink)  
Old 09-17-06, 00:36
certus
Registered User
 
Join Date: Dec 2003
Location: Canada
Posts: 710
SQL Injection

__________________
visit: relationary
  #2 (permalink)  
Old 09-17-06, 04:12
Peter.Vanroose
Registered User
 
Join Date: Sep 2004
Location: Belgium
Posts: 1,079
Interesting indeed!

This is a strong argument in favour of using static SQL in apps, instead of dynamic SQL.
This way, the query is already analysed and interpreted at compile time, and the runtime-provided arguments are just plugged into the placeholders as text, without interpretation. Exactly as one would expect.
__________________
--_Peter Vanroose,
__IBM Certified Database Administrator, DB2 9 for z/OS
__IBM Certified Application Developer
__ABIS Training and Consulting
__http://www.abis.be/

Last edited by Peter.Vanroose; 09-17-06 at 04:23.
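The contrast described in post #2, as an added example that is not part of the original thread or any poster's code. It assumes a hypothetical `accounts` table with constructed rows, and it uses Python's `sqlite3` parameter binding as a stand-in for static SQL: the statement is prepared at run time rather than precompiled, but the input is likewise bound to a placeholder after parsing.

```python
import sqlite3

def make_db():
    """In-memory table holding constructed sample rows (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (name TEXT PRIMARY KEY, email TEXT)")
    db.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", "alice@example.test"),
         ("bob", "bob@example.test"),
         ("o'brien", "obrien@example.test")],
    )
    return db

def lookup_dynamic(db, name):
    """Dynamic SQL: the input becomes part of the statement text,
    so the parser interprets any SQL syntax it contains."""
    sql = "SELECT email FROM accounts WHERE name = '" + name + "' ORDER BY name"
    return [row[0] for row in db.execute(sql)]

def lookup_bound(db, name):
    """Fixed statement text: the input is bound to the placeholder
    after parsing and is only ever compared as a value."""
    sql = "SELECT email FROM accounts WHERE name = ? ORDER BY name"
    return [row[0] for row in db.execute(sql, (name,))]

def try_lookup(fn, db, name):
    """Return the rows, or the error text if the statement fails to parse."""
    try:
        return fn(db, name)
    except sqlite3.OperationalError as exc:
        return "error: " + str(exc)

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a plain name, a legitimate name containing a
    # quote, and a value that carries SQL syntax.
    for value in ("alice", "o'brien", "nobody' OR '1'='1"):
        print(repr(value))
        print("  dynamic:", try_lookup(lookup_dynamic, db, value))
        print("  bound:  ", try_lookup(lookup_bound, db, value))
```

The concatenated form fails on the legitimate name `o'brien` and returns every row for the third input, while the bound form treats all three as plain values.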
  #3 (permalink)  
Old 09-17-06, 10:26
squizzle
Registered User
 
Join Date: Sep 2006
Location: Amsterdam
Posts: 2
Coincidence??

Yes, I just read it before getting here and wrote about it in Dutch at beterewebsites****
  #4 (permalink)  
Old 09-17-06, 11:43
Peter.Vanroose
Registered User
 
Join Date: Sep 2004
Location: Belgium
Posts: 1,079
Quote:
Originally Posted by squizzle
Yes, I just read it before getting here and wrote about it in Dutch at beterewebsites****
Where can I find your contribution (URL)?
  #5 (permalink)  
Old 09-17-06, 11:45
squizzle
Registered User
 
Join Date: Sep 2006
Location: Amsterdam
Posts: 2
Dutch article in progress

  #6 (permalink)  
Old 09-18-06, 03:59
Littlefoot
Lost Boy
 
Join Date: Jan 2004
Location: Croatia, Europe
Posts: 3,629
Cool! It was as interesting as a new Indiana Jones adventure