Re: preventing sql injection

Subject: Re: preventing sql injection

From: Johan Henselmans <email@hidden>

Date: Thu, 25 Oct 2007 17:46:22 +0200

Delivered-to: email@hidden

Op 25-okt-2007, om 16:34 heeft John Huss het volgende geschreven:

Is there some formatter or something that will make a search-string
'wildcard-safe'? Or are these home-brewn?

How about:

filterString = filterString.replace("%", "").replace("*", "");

untested...

This one will not work, because % and * are part of the regular _expression_ syntax/

This however, did work: filterString = filterString.replaceAll("[\\*\\%\\?]","");

Thanks for sending me in the right direction.

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-dev/email@hidden

This email sent to email@hidden

Regards,

Johan Henselmans

http://www.netsense.nl

Tel: +31-20-6267538

Fax: +31-20-6273852

_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/webobjects-dev/email@hidden This email sent to email@hidden

Follow-Ups:

Re: preventing sql injection
- From: "John Huss" <email@hidden>
Re: preventing sql injection
- From: Mike Schrag <email@hidden>

References:

>preventing sql injection (From: Johan Henselmans <email@hidden>)

>Re: preventing sql injection (From: Q <email@hidden>)

>Re: preventing sql injection (From: Johan Henselmans <email@hidden>)

>Re: preventing sql injection (From: "John Huss" <email@hidden>)