Win a copy of Android Programming: The Big Nerd Ranch Guide this week in the Android forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Types of SQL injections  RSS feed

 
Yuvan Asav
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How many types of SQL injections are there?
 
Stephan van Hulst
Saloon Keeper
Posts: 7385
130
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm not sure what you mean by "type of SQL injection". How do you distinguish between two different types?
 
Ryan McGuire
Ranch Hand
Posts: 1128
7
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Does this help?  https://en.wikipedia.org/wiki/SQL_injection
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 65973
140
IntelliJ IDE Java jQuery Mac Mac OS X
 
Dana Ucaed
Ranch Hand
Posts: 304
6
Netbeans IDE Oracle Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Super explication.
 
Brian Tkatch
Bartender
Posts: 572
25
Linux Notepad Oracle
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There is only one type of injection, that is, using a value for something other than a value. There is (basically) only one way to protect against this, and that is to always use bind variables for passed values.

There are some variants that might be considered another "type" of injection, but they all boil down to the same thing anyway. Just don't use dynamic SQL.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!