Hi,
> This way it is possible to avoid sql-injection
Yes. Did you know about the built-in protection about SQL-injection?
See http://h2database.com/html/advanced.html#sql_injection -
"Disabling Literals"
Regards,
Thomas
--
You received this message because you are subscribed to the Google Grou
Thanks a million!
This way it is possible to avoid sql-injection, and FindBugs will not
complain about my code (zero-bugs policy).
Best regards,
Johan
On 7 mar, 07:23, Thomas Mueller wrote:
> Hi,
>
> Currently, the password need to be set as a literal in the SQL
> statement (PASSWORD 'xxx'). Th
Hi,
Currently, the password need to be set as a literal in the SQL
statement (PASSWORD 'xxx'). This will be fixed in the next release.
Thanks for reporting this issue!
Regards,
Thomas
--
You received this message because you are subscribed to the Google Groups "H2
Database" group.
To post to
Hi!
I can't get this code to work. Does anybody know why H2 doesn't accept
the second argument (the password string)?
String sql = "RUNSCRIPT FROM ? COMPRESSION DEFLATE CIPHER AES
PASSWORD ?";
PreparedStatement prepstat = conn.prepareStatement(sql);
prepstat.setString(1, backupFilename);
prepstat