cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geoff Howard <cocoonge...@yahoo.com>
Subject RE: A case of SQL injection
Date Tue, 05 Nov 2002 18:53:07 GMT
Speaking of protecting against SQL injection - is it
generally known that DatabaseAuthenticatorAction.java
is not using PreparedStatement?  I wonder what logging
in as 
Donald Ball'; DROP TABLE user_table;

would do...?

Geoff Howard

__________________________________________________
Do you Yahoo!?
HotJobs - Search new jobs daily now
http://hotjobs.yahoo.com/

---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-dev-unsubscribe@xml.apache.org
For additional commands, email: cocoon-dev-help@xml.apache.org


Mime
View raw message