RE: RE(1): Avoiding SQL injection when calling stored procedures

2007-02-21 Thread Arsalan Zaidi
Right, thanks for all your help! :-) Regards, Arsalan Zaidi > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of Larry Meadors > Sent: Wednesday, February 21, 2007 6:09 PM > To: user-java@ibatis.apache.org; [EMAIL PROTECTED] >

RE(1): Avoiding SQL injection when calling stored procedures

2007-02-20 Thread arsalan . zaidi
Hi Jeff. Is there no danger of SQL Injection even if the stored procedure internally uses the parameters to dynamically construct a query? In other words, are the parameters actively escaped by iBATIS even if I use a '?' when calling a stored procedure? Thanks in advance! Ars

Avoiding SQL injection when calling stored procedures

2007-02-20 Thread Arsalan Zaidi
id Column Index" Exception. What am I doing wrong? Regards. --Arsalan Regards, Arsalan Zaidi