svn commit: r613503 - /commons/proper/configuration/trunk/src/java/org/apache/commons/configuration/DatabaseConfiguration.java

Sat, 19 Jan 2008 20:39:31 -0800 

Author: bayard
Date: Sat Jan 19 20:39:08 2008
New Revision: 613503

URL: http://svn.apache.org/viewvc?rev=613503&view=rev
Log:
Applying Hasan Diwan's patch to add a note that DatabaseConfiguration does not 
protect from SQL Injection - CONFIGURATION-304

Modified:
    
commons/proper/configuration/trunk/src/java/org/apache/commons/configuration/DatabaseConfiguration.java

Modified: 
commons/proper/configuration/trunk/src/java/org/apache/commons/configuration/DatabaseConfiguration.java
URL: 
http://svn.apache.org/viewvc/commons/proper/configuration/trunk/src/java/org/apache/commons/configuration/DatabaseConfiguration.java?rev=613503&r1=613502&r2=613503&view=diff
==============================================================================
--- 
commons/proper/configuration/trunk/src/java/org/apache/commons/configuration/DatabaseConfiguration.java
 (original)
+++ 
commons/proper/configuration/trunk/src/java/org/apache/commons/configuration/DatabaseConfiguration.java
 Sat Jan 19 20:39:08 2008
@@ -74,7 +74,7 @@
  * Configuration config2 = new DatabaseConfiguration(datasource, "myconfigs", 
"name", "key", "value", "config2");
  * String value2 = conf.getString("key2");
  * </pre>
- *
+ * <h1>Note: Like JDBC itself, protection against SQL injection is left to the 
user.</h1>
  * @since 1.0
  *
  * @author <a href="mailto:[EMAIL PROTECTED]">Emmanuel Bourg</a>

Reply via email to