
All times are UTC - 5 hours [ DST ]



 Post subject: sql injection
Posted: Tue Aug 03, 2004 8:26 am
Newbie

Joined: Tue Aug 03, 2004 8:19 am
Posts: 2
Hi,

I tried to test if my application (which is based upon Hibernate) is safe against SQL injection. OK, nothing happened, but maybe I don't have the cleverness of a hacker and he could do it...

Do you know how secure Hibernate is and what I could do? Somewhere I read prepared statements could protect.

Thanks and kind regards,
jazz


Posted: Tue Aug 03, 2004 8:27 am
Hibernate Team

Joined: Mon Aug 25, 2003 9:11 pm
Posts: 4592
Location: Switzerland
Hibernate only uses PreparedStatements, so you are safe from SQL injection attacks if you use bind parameters properly and don't concat query strings and user input.

_________________
JAVA PERSISTENCE WITH HIBERNATE
http://jpwh.org
Get the book, training, and consulting for your Hibernate team.
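
An added example (not part of the original thread and not Hibernate's own code) of what the reply above means by using bind parameters instead of concatenating user input into the query string. It assumes Hibernate 6 with `jakarta.persistence`; the `Account` entity and the `AccountQueries` class are hypothetical.

```java
import jakarta.persistence.Entity;
import jakarta.persistence.Id;
import java.util.List;
import java.util.Map;
import org.hibernate.Session;

// Hypothetical mapped entity, assumed for this example only.
@Entity
class Account {
    @Id Long id;
    String name;
    String email;
}

public class AccountQueries {

    // UNSAFE: the input becomes part of the HQL text, so a quote character
    // in `name` changes the structure of the query Hibernate generates.
    static List<Account> findByNameConcatenated(Session session, String name) {
        String hql = "from Account a where a.name = '" + name + "'";
        return session.createQuery(hql, Account.class).getResultList();
    }

    // SAFE: the HQL text is constant; the value is sent as a bind parameter
    // of the underlying PreparedStatement and is never parsed as query text.
    static List<Account> findByName(Session session, String name) {
        return session.createQuery("from Account a where a.name = :name", Account.class)
                .setParameter("name", name)
                .getResultList();
    }

    // Identifiers such as a sort column cannot be bound as parameters.
    // Map the caller's choice onto fixed HQL fragments instead of concatenating it.
    private static final Map<String, String> SORT_COLUMNS =
            Map.of("name", "a.name", "email", "a.email");

    static List<Account> findByNameSorted(Session session, String name, String sortKey) {
        String column = SORT_COLUMNS.get(sortKey);
        if (column == null) {
            throw new IllegalArgumentException("unsupported sort key");
        }
        // Only an allow-listed constant is appended; the value is still bound.
        return session.createQuery(
                        "from Account a where a.name = :name order by " + column, Account.class)
                .setParameter("name", name)
                .getResultList();
    }
}
```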


Posted: Tue Aug 03, 2004 8:46 am
Newbie

Joined: Tue Aug 03, 2004 8:19 am
Posts: 2
Thank you.


© Copyright 2014, Red Hat Inc. All rights reserved. JBoss and Hibernate are registered trademarks and servicemarks of Red Hat, Inc.