click-dev mailing list archives

From Bob Schellink <>
Subject Re: How sure is Click against SQL injections?
Date Mon, 29 Mar 2010 09:11:42 GMT
Hi George,

ORMs like Hibernate/JPA/Cayenne take care of SQL injection by using prepared statements. If you use raw JDBC you should use prepared statements as well.

See the defense strategies mentioned here:

kind regards


On 29/03/2010 12:30 AM, georgex wrote:
> How sure is Click against SQL injections?
> I mean a typical Click application like Click-Examples - but without Spring
> (where the average programmer doesn't add an extra layer of checking - but
> it's using Click as default).
> Thanks,
> George.
