junk junk wrote:
> Check out this link, it talks about the dangers of
> improper input validations.
> http://livin4.com/jhacker/jh1.htm
This is why it is recommended to use PreparedStatement (or
CallableStatement) rather than pure String-constructed statements.
I agree with the importance of filtering ambiguous characters, of
course. But the most important thing is to know what you are doing. :)
J.Ch.
--
Ing. Jozef Chocholacek Qbizm Technologies, Inc.
Chief Project Analyst ... the art of internet.
________________________________________________________________
Kralovopolska 139 tel: +420 5 4124 2414
601 12 Brno, CZ http://www.qbizm.com fax: +420 5 4121 2696
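
Added example, not part of the original message: the same lookup written as a String-constructed statement and as a PreparedStatement, run against constructed inputs that contain a quote character. It assumes an in-memory H2 database with its JDBC driver on the classpath; the class name, table, rows and inputs are all made up for illustration.

```java
import java.sql.*;

// Added example. Assumes the H2 JDBC driver is on the classpath.
public class PreparedVsConcat {

    // String-constructed statement: the input becomes part of the SQL text,
    // so a quote in the input changes how the statement is parsed.
    static int countConcat(Connection c, String name) throws SQLException {
        String sql = "SELECT COUNT(*) FROM users WHERE name = '" + name + "'";
        try (Statement s = c.createStatement(); ResultSet rs = s.executeQuery(sql)) {
            rs.next();
            return rs.getInt(1);
        }
    }

    // PreparedStatement: the SQL text is fixed; the input is bound as a value
    // and is only ever compared against the name column.
    static int countPrepared(Connection c, String name) throws SQLException {
        try (PreparedStatement ps = c.prepareStatement(
                "SELECT COUNT(*) FROM users WHERE name = ?")) {
            ps.setString(1, name);
            try (ResultSet rs = ps.executeQuery()) {
                rs.next();
                return rs.getInt(1);
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        try (Connection c = DriverManager.getConnection("jdbc:h2:mem:demo")) {
            try (Statement s = c.createStatement()) {
                s.execute("CREATE TABLE users(name VARCHAR(64))");
                s.execute("INSERT INTO users VALUES ('alice'), ('bob')");
            }
            // Constructed inputs: a plain name, a legitimate name with a quote,
            // and a value whose quote rewrites the WHERE clause when concatenated.
            String[] inputs = { "alice", "O'Brien", "nobody' OR 'a'='a" };
            for (String in : inputs) {
                String concat;
                try {
                    concat = String.valueOf(countConcat(c, in));
                } catch (SQLException e) {
                    concat = "SQL error";
                }
                System.out.println(in + " -> concatenated: " + concat
                        + ", prepared: " + countPrepared(c, in));
            }
        }
    }
}
```

With the concatenated form the second input breaks the statement and the third matches every row; with the bound parameter both are treated as names that do not exist.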