• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: preventing sql injection
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: preventing sql injection

  • Subject: Re: preventing sql injection
  • From: Mike Schrag <email@hidden>
  • Date: Thu, 25 Oct 2007 12:06:37 -0400
This one will not work, because % and * are part of the regular _expression_ syntax/ 

This however, did work:   filterString = filterString.replaceAll("[\\*\\%\\?]","");
Character classes in regexs do not actually require escaping, so filterString.replaceAll("[*%?]","") would be what you actually want ... Otherwise I would expect you're probably inadvertently removing backslashes also.

ms
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >preventing sql injection (From: Johan Henselmans <email@hidden>)
 >Re: preventing sql injection (From: Q <email@hidden>)
 >Re: preventing sql injection (From: Johan Henselmans <email@hidden>)
 >Re: preventing sql injection (From: "John Huss" <email@hidden>)
 >Re: preventing sql injection (From: Johan Henselmans <email@hidden>)

  • Prev by Date: Re: preventing sql injection
  • Next by Date: Re: preventing sql injection
  • Previous by thread: Re: preventing sql injection
  • Next by thread: Re: preventing sql injection
  • Index(es):
    • Date
    • Thread