14
Building Reliable Solutions to Avoid SQL Injection
Improper value management and assignment can lead to SQL injection. The risk is not immediately evident, but it can cause significant problems if bind variables or other sanitization techniques are not used. Unfortunately, most people do not realize this and work under the incorrect assumption that date and time values cannot be the root of SQL injection. They put the character string representing the individual date and time elements directly into the command definition. The provided value is then automatically converted into a DATE or TIMESTAMP value and evaluated. That automated conversion is where the risk lies.
Often, date and time values ...
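The concatenation pattern described above, next to its bind-variable form, as an added PL/SQL example that is not taken from the book. The `orders` table and the three function names are assumptions made for illustration.

```sql
-- Assumed table for illustration: orders(order_id NUMBER, order_date DATE)

-- Weak: the DATE parameter is concatenated into the statement text.
-- Oracle implicitly converts p_day to a string using the session's
-- NLS_DATE_FORMAT, and the parser converts that text back to a DATE.
-- The statement text therefore depends on a session-level setting.
CREATE OR REPLACE FUNCTION count_orders_concat (p_day IN DATE)
  RETURN NUMBER
IS
  v_cnt NUMBER;
BEGIN
  EXECUTE IMMEDIATE
    'SELECT COUNT(*) FROM orders WHERE order_date >= ''' || p_day || ''''
    INTO v_cnt;
  RETURN v_cnt;
END;
/

-- Hardened: the value is passed as a bind variable. It stays a DATE from
-- caller to executor, so no conversion happens and no value ever becomes
-- part of the statement text.
CREATE OR REPLACE FUNCTION count_orders_bind (p_day IN DATE)
  RETURN NUMBER
IS
  v_cnt NUMBER;
BEGIN
  EXECUTE IMMEDIATE
    'SELECT COUNT(*) FROM orders WHERE order_date >= :p_day'
    INTO v_cnt
    USING p_day;
  RETURN v_cnt;
END;
/

-- Hardened, text input: when the caller supplies a string, convert it once
-- with an explicit format mask (FX requires an exact match), then use the
-- resulting DATE in static SQL, which PL/SQL binds automatically.
CREATE OR REPLACE FUNCTION count_orders_text (p_day_text IN VARCHAR2)
  RETURN NUMBER
IS
  v_day DATE := TO_DATE(p_day_text, 'FXYYYY-MM-DD');  -- raises on mismatch
  v_cnt NUMBER;
BEGIN
  SELECT COUNT(*) INTO v_cnt FROM orders WHERE order_date >= v_day;
  RETURN v_cnt;
END;
/
```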
Get Developing Robust Date and Time Oriented Applications in Oracle Cloud now with the O’Reilly learning platform.