On Wed, 30 Oct 2002, Lorenzo Sicilia wrote:

> I am a newbie. Do you have a link that explains how to create a
> DataSource with pooling? Is it possible with JSP, or must I use a Servlet?

It's a fairly general topic.  Typically, to instantiate a DataSource, you
just use a class that a database vendor provides -- or alternatively a
pooling DataSource that can be layered on top of any driver, as in the
DBCP package from Jakarta Commons at

  http://jakarta.apache.org/commons/dbcp.html

> > Note first that it's better to be using <sql:param> and the '?'
> > placeholder syntax for SQL, rather than using <c:out> inside
> > <sql:query>.  But that doesn't address your problem.
>
> I know, but why is your solution better? Memory usage?

Security.  Using '?' and <c:param> ensures that any dangerous characters
will be escaped.  By "dangerous," I mean characters like a single quote
(') that could alter the sense of your SQL statement and end up hijacking
it to produce unintended results.

-- 
Shawn Bayern
"JSTL in Action"   http://www.jstlbook.com
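
The two forms compared in the reply above, side by side, as an added example that is not part of the original message. The JNDI name `jdbc/exampleDS`, the table `customers` and the request parameter `lastName` are assumed placeholders, and the taglib URIs are the JSTL 1.1+ ones.

```jsp
<%-- Added example. Assumed names: DataSource "jdbc/exampleDS", table
     "customers", request parameter "lastName". --%>
<%@ taglib prefix="c"   uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="sql" uri="http://java.sun.com/jsp/jstl/sql" %>

<sql:setDataSource var="ds" dataSource="jdbc/exampleDS" />

<%-- Discouraged: whatever <c:out> prints becomes part of the SQL text.
     A legitimate value such as O'Brien already changes the statement:
     its quote closes the string literal early and the query fails.
     <c:out>'s default XML escaping is HTML encoding, not SQL quoting,
     so it is switched off here to show the raw effect.
     <c:catch> records the resulting error instead of aborting the page. --%>
<c:catch var="concatError">
  <sql:query var="concatenated" dataSource="${ds}">
    SELECT id, last_name FROM customers
    WHERE last_name = '<c:out value="${param.lastName}" escapeXml="false"/>'
  </sql:query>
</c:catch>
<c:if test="${not empty concatError}">
  Concatenated query failed: <c:out value="${concatError.message}"/><br/>
</c:if>

<%-- Preferred: the SQL text is fixed; the value travels separately and
     is bound to the '?' placeholder, so it is always treated as data. --%>
<sql:query var="bound" dataSource="${ds}">
  SELECT id, last_name FROM customers
  WHERE last_name = ?
  <sql:param value="${param.lastName}" />
</sql:query>

<%-- Output still goes through <c:out>, which is the right place for
     XML escaping: when writing values into the HTML response. --%>
<c:forEach var="row" items="${bound.rows}">
  <c:out value="${row.id}"/>: <c:out value="${row.last_name}"/><br/>
</c:forEach>
```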

