[英]How to prevent SQL injection In App Engine JDO
Please Help..请帮忙..
How to prevent SQL Injection at the Time of JDO INSERTION? JDO INSERTION时如何防止SQL注入?
My JDO class is MyData.Java我的 JDO 类是 MyData.Java
package com.jdo;
import java.util.Date;
import javax.jdo.annotations.PersistenceCapable;
import javax.jdo.annotations.Persistent;
import javax.jdo.annotations.PrimaryKey;
import javax.jdo.annotations.IdentityType;
@PersistenceCapable(identityType = IdentityType.APPLICATION,detachable="true")
public class MyData{
@PrimaryKey
@Persistent
private String id;
@Persistent
private String name;
@Persistent
private String address;
@Persistent
private Date addedDate;
/**
*
* @param id
* @param name
* @param address
*/
public MyData(String id,String name,String address) {
super();
this.id=id;
this.name=name;
this.address=address;
this.addedDate = new Date();
}
/**
* @return id
*/
public String getId(){
return this.id;
}
/**
*
* @return name;
*/
public String getname(){
return this.name;
}
/**
*
* @return addedDate
*/
public Date getAddedDate(){
return this.addedDate;
}
/**
*
* @param id
*/
public void setId(String id){
this.id=id;
}
/**
*
* @param name
*/
public void setName(String name){
this.name=name;
}
/**
*
* @param addedDate
*/
public void setaddedDate(Date addedDate){
this.addedDate=addedDate;
}
}
And i tried to insert using我尝试插入使用
MyData user=new MyData ("id001","Shana","Address");
user=MyDataDAO.saveData(user);
It is saving in table successfully..But i need to prevent it from SQL Injection...Please Help?它成功保存在表中..但我需要防止它被 SQL 注入...请帮忙?
SQL injection occurs when you create queries by concatenating strings of plain text with strings of SQL.当您通过将纯文本字符串与 SQL 字符串连接起来创建查询时,就会发生 SQL 注入。
You don't need to worry if您无需担心,如果
The code above looks like it falls into category 2.上面的代码看起来属于第 2 类。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.