Java Experts, Please Come


fake_Bezawada

2 hours ago, fake_Bezawada said:

Drop me one good link, bro, pleaseeeee. I won't bother your CBN, Balayya threads for 1 week.

I know, but I won't tell you.

That concept is called a prepared statement or something like that, right man... it is used in most programming languages... try googling that name.. I am not a Java expert but I know how they do this in my team, so I'm telling you... sorry, I can't point you in the exact direction, but that's the term used with SQL queries to avoid SQL injection... recently did the same with JSON...

7 hours ago, fake_Bezawada said:

Now in web services a JSON response comes from ajax or some JS, right?

If there is SQL injection in it, how do you validate it?

If anyone knows this well, please help me.

Are you talking about the request?

Before executing the SQL statement.... validate the input params.

Or use prepared statements with param substitution.

Basically SQL injection should be taken care of at the server side.. the client can be written and altered by anybody.. if you're writing the client, encode your sensitive data while posting your requests. If you're using the Spring framework, use Spring Data JPA over Hibernate.. it has an SQL injection prevention mechanism.. can't write much here.. providing some pointers..

http://stackoverflow.com/questions/12400506/spring-data-crud-methods

http://javabeat.net/spring-data-jpa-query/

Sorry for the external links..

29 minutes ago, icecreamZ said:

Are you talking about the request?

Before executing the SQL statement.... validate the input params.

Or use prepared statements with param substitution.

What does SQL injection mean? :o

Please post a sample request here.

38 minutes ago, icecreamZ said:

Are you talking about the request?

Before executing the SQL statement.... validate the input params.

Or use prepared statements with param substitution.

How do we validate the input param?

Suppose it comes to me in DTO form from JS, like {user:"babloo || delete from userdetails",password:"bumchik"}, and my REST method is

@GET
@PATH
@Produces(MediaType.APPLICATION_JSON)
public String doSomething(UserDTO udto);

I am doing object mapping like this. When persisting that udto, how should I validate this particular param?
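
The advice given earlier in the thread (validate the input params, or use prepared statements with param substitution), applied to the DTO from this post, as an added example that is not part of the original thread. The `userdetails` column names, the user-name allow-list and the JDBC URL passed as the first argument are assumptions; `UserDTO` here is a stand-in record (Java 16+) for the poster's class.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.regex.Pattern;

public class UserPersistDemo {
    // Stand-in for the thread's UserDTO; field names follow the posted JSON.
    record UserDTO(String user, String password) {}

    // Assumed allow-list policy: 3-32 letters, digits, '_', '.' or '-'.
    private static final Pattern USER_OK = Pattern.compile("[A-Za-z0-9_.-]{3,32}");

    // Input validation: reject values that do not look like a user name.
    static boolean isValid(UserDTO dto) {
        return dto != null && dto.user() != null && dto.password() != null
                && USER_OK.matcher(dto.user()).matches()
                && !dto.password().isEmpty();
    }

    // Parameter substitution: the SQL text is fixed and the values are bound
    // as data, so "|| delete from userdetails" is stored, never executed.
    static int persist(Connection con, UserDTO dto) throws SQLException {
        String sql = "INSERT INTO userdetails (username, password) VALUES (?, ?)";
        try (PreparedStatement ps = con.prepareStatement(sql)) {
            ps.setString(1, dto.user());
            ps.setString(2, dto.password()); // hash before storing in real code
            return ps.executeUpdate();
        }
    }

    public static void main(String[] args) throws SQLException {
        // Constructed sample input: the payload from the post, and a normal one.
        UserDTO hostile = new UserDTO("babloo || delete from userdetails", "bumchik");
        UserDTO normal = new UserDTO("babloo", "bumchik");
        System.out.println("hostile valid? " + isValid(hostile));
        System.out.println("normal valid?  " + isValid(normal));

        if (args.length == 0) return; // no database given: validation demo only
        try (Connection con = DriverManager.getConnection(args[0])) {
            con.createStatement().execute("CREATE TABLE IF NOT EXISTS userdetails"
                    + " (username VARCHAR(64), password VARCHAR(128))");
            // Even if validation were skipped, binding keeps the payload inert.
            System.out.println("rows inserted: " + persist(con, hostile));
        }
    }
}
```

In the resource method, `isValid(udto)` would run right after object mapping and `persist` would replace any SQL built by string concatenation.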

16 minutes ago, RamanaReddy said:

Basically SQL injection should be taken care of at the server side.. the client can be written and altered by anybody.. if you're writing the client, encode your sensitive data while posting your requests. If you're using the Spring framework, use Spring Data JPA over Hibernate.. it has an SQL injection prevention mechanism.. can't write much here.. providing some pointers..

http://stackoverflow.com/questions/12400506/spring-data-crud-methods

http://javabeat.net/spring-data-jpa-query/

Sorry for the external links..

Thank you for that bro 

Just now, fake_Bezawada said:

I told you my scenario, right? When capturing the response in object mapping like that, how should I validate it?

How many years of experience do you have?

Just now, fake_Bezawada said:

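Never mind, brother, you will scold me again, saying "you don't even know this?"

I have 4 years of experience in India.

I don't know anything about what is being discussed in this thread. As for why I asked about experience: you said you haven't got an onsite chance yet, so that's why I asked.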
