Support #108

SQL PreparedStatement

Added by Anonymous over 14 years ago. Updated about 14 years ago.

Status: Work Completed-End life cycle
Start date: June 11, 2010
Priority: Normal
Due date: June 21, 2010
Assignee: -
% Done: 100%
Category: -
Spent time: -
Target version: -

Description

We need to prevent SQL injection in our BV programs.
So can I check: are there any methods in BV like Java's PreparedStatement to prevent SQL injection?
We also need to catch exceptions in BV. Please provide any methods like Java's try { … } catch { … }.

Java Similar Code
PreparedStatement prep = conn.prepareStatement("SELECT * FROM USERS WHERE USERNAME=? AND PASSWORD=?");
prep.setString(1, username);
prep.setString(2, password);
prep.executeQuery();

History

#1 Updated by Anonymous over 14 years ago

  • Tracker changed from Bug to Support

#2 Updated by Anonymous over 14 years ago

Regarding SQL injection:
There are no methods in BV like Java's PreparedStatement to prevent SQL injection.
The application itself needs to take care of the SQL injection issue.

Regarding catching exceptions in BV: all APIs in BV include try { } catch { } to catch any exception.
Since you are writing in Java with BV71, you should be using Java's try { } catch { }.
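
One way the application itself can cover both points raised in this ticket using plain JDBC, shown as an added example that is not part of the original thread and is not BV code. The names `LoginCheck` and `credentialsMatch` are hypothetical, and the `Connection` is assumed to come from the application's own JDBC setup on Java 7 or later.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.logging.Level;
import java.util.logging.Logger;

// Hypothetical helper class; not part of BV or of the ticket.
public final class LoginCheck {
    private static final Logger LOG = Logger.getLogger(LoginCheck.class.getName());

    // Query text from the ticket. The two ? markers are bound as data,
    // so input such as  ' OR '1'='1  cannot change the statement's structure.
    private static final String SQL =
        "SELECT * FROM USERS WHERE USERNAME=? AND PASSWORD=?";

    private LoginCheck() { }

    /**
     * Returns true only if a matching row exists. Any database error is
     * logged server-side and treated as "no match" (fail closed).
     * conn is assumed to come from the application's own JDBC setup.
     */
    public static boolean credentialsMatch(Connection conn, String username, String password) {
        if (username == null || password == null) {
            return false;
        }
        // try-with-resources closes the statement and result set even on error.
        try (PreparedStatement prep = conn.prepareStatement(SQL)) {
            prep.setString(1, username);
            prep.setString(2, password);
            try (ResultSet rs = prep.executeQuery()) {
                return rs.next();
            }
        } catch (SQLException e) {
            // Keep driver messages out of the response; they can reveal schema details.
            LOG.log(Level.SEVERE, "credential lookup failed", e);
            return false;
        }
    }
}
```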

#3 Updated by Tan Lee Yong about 14 years ago

Status?

#4 Updated by Anonymous about 14 years ago

  • Status changed from Development / Work In Progress to Work Completed-End life cycle
  • % Done changed from 50 to 100
