Question and Answer

Connor McDonald

Thanks for the question, Balakrishna.

Asked: July 19, 2016 - 4:15 pm UTC

Last updated: July 19, 2016 - 4:29 pm UTC

Version: 12c

Viewed 1000+ times

You Asked

Hi Tom,
1) What is SQL injection, and how to solve SQL injection problems, with an example program, Tom?

and Chris said...

SQL injection happens when people insert unwanted SQL to the code sent to the database. This can enable them to read private data or even worse things, such as drop your tables...

Preventing it is easy: Use bind variables!

For further reading, see:

https://blogs.oracle.com/sql/entry/what_is_sql_injection_and

Or if you want to see an interactive demo, check out:

http://www.codebashing.com/sql_demo


Comments

DDLs

Rajeshwaran, Jeyabal, July 20, 2016 - 2:49 am UTC

With DMLs, binding would help. In the case of DDLs that cannot be bound, the DBMS_ASSERT API would help.
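
As an added example (not part of the original answer or comment, and not Oracle's own code), the PL/SQL below puts a concatenated query beside its bind-variable form and then shows DBMS_ASSERT validating an identifier before DDL, covering both the answer's advice and the comment on DDL. The table names demo_users and demo_archive, the sample rows and the hostile input strings are constructed for illustration; it assumes a SQL*Plus or SQLcl session with the CREATE TABLE privilege.

```sql
-- Added example; all object names and data below are constructed.
SET SERVEROUTPUT ON

CREATE TABLE demo_users (username VARCHAR2(30), secret VARCHAR2(30));
INSERT INTO demo_users VALUES ('alice', 'a-secret');
INSERT INTO demo_users VALUES ('bob',   'b-secret');
COMMIT;

DECLARE
  -- Constructed hostile input: closes the string literal and appends an
  -- always-true predicate.
  l_input VARCHAR2(100) := q'[nobody' OR '1'='1]';
  l_count PLS_INTEGER;
  l_table VARCHAR2(200);
BEGIN
  -- Vulnerable: the input is concatenated, so it becomes part of the SQL
  -- text and the OR predicate is parsed and evaluated by the database.
  EXECUTE IMMEDIATE
    'SELECT COUNT(*) FROM demo_users WHERE username = ''' || l_input || ''''
    INTO l_count;
  DBMS_OUTPUT.PUT_LINE('concatenated: ' || l_count || ' row(s)');

  -- Fixed: the input is bound, so it is only ever compared as a value
  -- against the username column and never parsed as SQL.
  EXECUTE IMMEDIATE
    'SELECT COUNT(*) FROM demo_users WHERE username = :name'
    INTO l_count USING l_input;
  DBMS_OUTPUT.PUT_LINE('bound: ' || l_count || ' row(s)');

  -- DDL: identifiers cannot be bound, so validate them before concatenating.
  l_table := DBMS_ASSERT.SIMPLE_SQL_NAME('demo_archive');
  EXECUTE IMMEDIATE 'CREATE TABLE ' || l_table || ' AS SELECT * FROM demo_users';
  DBMS_OUTPUT.PUT_LINE('created ' || l_table);

  -- A hostile "table name" is rejected before any DDL text is built.
  BEGIN
    l_table := DBMS_ASSERT.SIMPLE_SQL_NAME('demo_archive CASCADE CONSTRAINTS PURGE');
    EXECUTE IMMEDIATE 'DROP TABLE ' || l_table;
  EXCEPTION
    WHEN OTHERS THEN
      IF SQLCODE = -44003 THEN  -- ORA-44003: invalid SQL name
        DBMS_OUTPUT.PUT_LINE('rejected identifier');
      ELSE
        RAISE;
      END IF;
  END;
END;
/
```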