ibatis-user-java mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry Meadors" <larry.mead...@gmail.com>
Subject Re: Regarding SQL injection
Date Tue, 04 Mar 2008 12:47:34 GMT
Chapter 1

Don't use the replacement ($property$) syntax unless you scrub the input.

The end.

:-)

Larry

On Tue, Mar 4, 2008 at 3:05 AM, Abhishek Pratap Singh08
<Abhishek_Singh08@infosys.com> wrote:
>
>
>
>
> Hi All,
>
>                                 I need the guidelines of handling sql
> injection in iBatis. Any pdf or link will be very helpful.
>
>
>
> Regards,
>
> Abhishek
>
>
> **************** CAUTION - Disclaimer *****************
>  This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended
> solely for the use of the addressee(s). If you are not the intended
> recipient, please notify the sender by e-mail and delete the original
> message. Further, you are not to copy, disclose, or distribute this e-mail
> or its contents to any other person and any such actions are unlawful. This
> e-mail may contain viruses. Infosys has taken every reasonable precaution to
> minimize this risk, but is not liable for any damage you may sustain as a
> result of any virus in this e-mail. You should carry out your own virus
> checks before opening the e-mail or attachment. Infosys reserves the right
> to monitor and review the content of all messages sent to or from this
> e-mail address. Messages sent to or from this e-mail address may be stored
> on the Infosys e-mail system.
>  ***INFOSYS******** End of Disclaimer ********INFOSYS***
>

Mime
View raw message