mirrors/eiffel-org
1
0
Fork 0
mirror of https://github.com/EiffelSoftware/eiffel-org.git synced 2025-12-08 15:52:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update wikipage Defending against SQL injections with EiffelStore. (Signed-off-by:javier).

Browse Source 
git-svn-id: https://svn.eiffel.com/eiffel-org/trunk@1774 abb3cda0-5349-4a8f-a601-0c33ac3a8c38
This commit is contained in:
eiffel-org
2017-02-03 18:21:02 +00:00
parent 692d19d9bd
commit f0eb5cbd45
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
documentation/trunk/solutions/database-access/eiffelstore/EiffelStore-SQL-injection.wiki
View File

@@ -30,4 +30,10 @@ Variables syntax is simple: the ':' special character followed by the variable n
{{SeeAlso| To learn more about EiffelStore query variables read the following article}} {{SeeAlso| To learn more about EiffelStore query variables read the following article}}
* [https://www.eiffel.org/doc/solutions/Query%20variables Query Variables] * [https://www.eiffel.org/doc/solutions/Query%20variables Query Variables]
==How to bind variables/placeholders to a template query.==
To avoid SQL Injections you will need to map variables names to values using the EiffelStore API (using EiffelStore supported connectors)
* Queries returning a result will need to use: <code>DB_SELECTION</code>
* Queries updating the database (Insert, Update, Delete) will need to use: <code>DB_CHANGE</code>