Use Filter
On 3/22/2013 7:36 PM, J.V. wrote:
Does anyone out there have a method I could use to pass a form field
variable that would check for all known SQL injection vulnerabilities
(with regards to the form field only, irrespective of the method of
SQL execution) and return a true/false if it passes the test?
I have about 100+ forms ( 500+ fields) to validate for SQL injection
vulnerabilities and was thinking of creating an abstractForm.java
class and putting the validate method there and calling that in each
of the MyForm.java classes validate() method.
I thought initially it would be better to move everything over to use
Apache commons validator, create a global rule and simply apply the
global rule to every form field but it may be better to take this
approach.
Any thoughts on the approach or a validator classs to pattern match
the field would be helpful (if you have had such a case in the past).
thanks
J.V.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org