-->
These old forums are deprecated now and set to read-only. We are waiting for you on our new forums!
More modern, Discourse-based and with GitHub/Google/Twitter authentication built-in.

View unanswered posts | View active topics


Board index » Hibernate & Java Persistence » NHibernate Users

All times are UTC - 5 hours [ DST ]


Forum locked This topic is locked, you cannot edit posts or make further replies.  Page 1 of 1
  [ 2 posts ] 
  Previous topic | Next topic 
Author Message
mr
 Post subject: SQL Injection
PostPosted: Tue Jan 09, 2007 1:33 pm 
Newbie

Joined: Mon Jan 01, 2007 11:33 pm
Posts: 10
What specific steps, if any, does NHibernate take to prevent SQL Injection when persisting objects, et al?


I googled around and couldn't really find anything so I wasn't quite sure.


Thanks
Top
 Profile  
 
Ayende Rahien
 Post subject:
PostPosted: Tue Jan 09, 2007 4:19 pm 
Contributor
Contributor

Joined: Sat Sep 24, 2005 11:25 am
Posts: 198
You rarely if ever need to use SQL directly.
working with parameters is a breeze.
There is an OOP API that you can use to abstract the query building from you

Even if you are concentrating strings, you are using HQL, and not SQL, meaning that it will fail to parse before being passed to the server.
Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  Page 1 of 1
  [ 2 posts ] 

Board index » Hibernate & Java Persistence » NHibernate Users

All times are UTC - 5 hours [ DST ]

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
© Copyright 2014, Red Hat Inc. All rights reserved. JBoss and Hibernate are registered trademarks and servicemarks of Red Hat, Inc.