RE: Torque and SQL Injection
Torque 3.3 escapes Strings in Queries(see method org.apache.torque.util.SqlExpression.quoteAndEscapeText(String, DB)), so SQL injection should not be a problem. The current Torque 4 trunk uses Prepared statements throughout, which is probably even better. Thomas Adrian Paleacu schrieb am 05
Torque and SQL Injection
Hi everyone, I'm wondering how safe is torque on sql injection attacks, I dind't fine any official page on that. Regards, Adrian