RE: Torque and SQL Injection

2011-08-05 Thread Thomas Fox
Torque 3.3 escapes Strings in queries (see method org.apache.torque.util.SqlExpression.quoteAndEscapeText(String, DB)), so SQL injection should not be a problem. The current Torque 4 trunk uses prepared statements throughout, which is probably even better.

Thomas

Adrian Paleacu wrote on 05

Torque and SQL Injection

2011-08-05 Thread Adrian Paleacu
Hi everyone,

I'm wondering how safe Torque is against SQL injection attacks; I didn't find any official page on that.

Regards,
Adrian