Results 1 to 6 of 6

Thread: SQL Injection

  1. #1
    Join Date
    Dec 2003
    Location
    Canada
    Posts
    710

    Unanswered: SQL Injection


  2. #2
    Join Date
    Sep 2004
    Location
    Belgium
    Posts
    1,126
    Interesting indeed!

    This is a strong argument in favour of using static SQL in apps, instead of dynamic SQL.
    This way, the query is already analysed and interpreted at compile time, and the runtime provided arguments are just plugged into the placeholders as text, without interpretation. Exactly as one would expect.
    Last edited by Peter.Vanroose; 09-17-06 at 05:23.
    --_Peter Vanroose,
    __IBM Certified Database Administrator, DB2 9 for z/OS
    __IBM Certified Application Developer
    __ABIS Training and Consulting
    __http://www.abis.be/

  3. #3
    Join Date
    Sep 2006
    Location
    Amsterdam
    Posts
    2

    Coincidence??

    Yes I just read it before getting here and wrote about it in dutch at beterewebsites.nl

  4. #4
    Join Date
    Sep 2004
    Location
    Belgium
    Posts
    1,126
    Quote Originally Posted by squizzle
    Yes I just read it before getting here and wrote about it in dutch at beterewebsites.nl
    Where can I find your contribution (URL)?
    --_Peter Vanroose,
    __IBM Certified Database Administrator, DB2 9 for z/OS
    __IBM Certified Application Developer
    __ABIS Training and Consulting
    __http://www.abis.be/

  5. #5
    Join Date
    Sep 2006
    Location
    Amsterdam
    Posts
    2

    Dutch article in progress


  6. #6
    Join Date
    Jan 2004
    Location
    Croatia, Europe
    Posts
    4,094
    Provided Answers: 4
    Cool! It was as interesting as new Indiana Jones' adventure

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •