Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Want ti know affected table and their fields using Trigger

 
Ganesh Pat
Ranch Hand
Posts: 79
Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hii friends I'm working on SQL Injection project where i want to know which tables and fields of that tables have been affected by queries executed by user and want to display these. I know little bit about trigger so is it possible to know which table and their fields are being modified using Trigger After query ? I also want to get the names of tables and columns and store them in variables so i can display those name on swing in my project ? if possible furnish links please
 
Martin Vajsar
Sheriff
Posts: 3752
62
Chrome Netbeans IDE Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Some databases support auditing, which might be a better fit for you. If your database supports it, it will probably be less overall work to use, less error prone and more performant (perhaps even much more).

It might be done using triggers, though. Details might depend on the database you're using. I assume your triggers would put the details into an audit table. You might need to have a process in place to erase old audit records.

Generally speaking, SQL injection is only possible if the code is written *wrongly*. If your concern is solely SQL injection, then the correct approach would be to review the code and prevent any possibility of SQL injection by correctly using PreparedStatements (or their counterparts in another language). Also the DB user used by the application to connect to the database should have the least possible set of privileges (not any DROP privilege, for example, and only INSERT privilege on audit tables).

If you need links, you need to specify which database you're using. But Googling <database> trigger should get you there as well
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic