Hello,
I am looking for a way to get SQL tokens/literals (such as: SELECT, FROM, UPDATE ; , -- , etc.) from the SQLquery after parsing, but just before sending it to the database for execution.
I...
Type: Posts; User: amughost
How to get SQL literals after parsing in mySQL Connector/J ?
Hello,
I am looking for a way to get SQL tokens/literals (such as: SELECT, FROM, UPDATE ; , -- , etc.) from the SQLquery after parsing, but just before sending it to the database for execution.
I...
modification to core java file: javax.script.AbstractScriptEngine
Hello,
I have modified the core java file which is:
javax.script.AbstractScriptEngine
How can I now apply these changes to JVM?
First I wanted to put it to vm.jar file, but it does not...
Re: How to modify core Java interface java.sql.Statement.execute(String sql)?
I would say PreparedStatement prevents from SQL Injection, but not protects you. It is still vulnerable.
The Statement.executequery() implementation is under MySQL module for Java called MySQL...
Re: How to modify core Java interface java.sql.Statement.execute(String sql)?
Sorry, I have found the solution already. Thank you!
Re: How to modify core Java interface java.sql.Statement.execute(String sql)?
I have found that in PHP, it is possible to change MySQL module and embed sanitization there, and then sent the query to MySQL engine for execution
Re: How to modify core Java interface java.sql.Statement.execute(String sql)?
There should be a way of doing it without modification to the entire library modification, because the idea is to enhance methods, but not to change the whole structure of library.
I need to filter...
How to modify core Java interface java.sql.Statement.execute(String sql)?
Hello,
I am trying to find a way on how to modify java.sql.Statement.execute(String sql) method.
It is in interface and unfortunately no implementation class found in src package of Java.
Can...