Hi,
How can I avoid the effects of SQL injection in my webapp? I am using
servlets to develop my application. I am also using prepared statements. My query goes something like this:
Select * from tablename where column1 like '%" + Column1 + "%';
Can anybody please suggest how to modify my SQL query to avoid SQL injection effects?
Thanks.
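
Added example, not part of the original post: the query above rewritten so the value is bound through a PreparedStatement placeholder and the % wildcards are added to the bound value rather than to the SQL text. The class name LikeSearch, the helper escapeLike, the '!' escape character and the sample inputs are assumptions made for illustration; tablename and column1 are taken from the post.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;

public class LikeSearch {
    // The SQL text is a constant: no user input is concatenated into it.
    // '!' is declared as the LIKE escape character (an assumption of this example).
    static final String SQL =
        "SELECT * FROM tablename WHERE column1 LIKE ? ESCAPE '!'";

    // Escape LIKE metacharacters so the input matches literally.
    // The escape character itself is handled first so it is not doubled twice.
    // Note: SQL Server also treats '[' as a pattern character.
    static String escapeLike(String input) {
        return input.replace("!", "!!")
                    .replace("%", "!%")
                    .replace("_", "!_");
    }

    // conn is assumed to be supplied by the servlet (e.g. from its DataSource).
    static List<String> search(Connection conn, String column1) throws SQLException {
        List<String> rows = new ArrayList<>();
        try (PreparedStatement ps = conn.prepareStatement(SQL)) {
            // The wildcards go into the bound value, never into the SQL string.
            ps.setString(1, "%" + escapeLike(column1) + "%");
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) {
                    rows.add(rs.getString("column1"));
                }
            }
        }
        return rows;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: plain text, LIKE metacharacters, a quote.
        String[] samples = { "smith", "50%_off", "O'Brien" };
        for (String s : samples) {
            // Prints the value that would be bound to the placeholder.
            System.out.println("%" + escapeLike(s) + "%");
        }
    }
}
```

The quote in O'Brien needs no handling because the driver sends the bound value as data; escapeLike only stops % and _ in user input from acting as wildcards.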