[Esapi-dev] [OWASP-ESAPI] Any codec for Sybase?
jim.manico at owasp.org
Thu Sep 16 22:22:07 EDT 2010
No to Sybase, and please do NOT use the database encoders! They are a (terrible) last resort (nor can we guarantee perfect SQL Injection protection if you use them to escape dynamic queries).
If you want complete SQL injection protection, you should be using the Java PreparedStatement class, variable binding, and the latest Sybase JDBC driver.
On Sep 16, 2010, at 8:17 PM, Vasten <vasten at gmail.com> wrote:
> I see codecs for Oracle and MySQL, is there one for Sybase?
> OWASP-ESAPI mailing list
> OWASP-ESAPI at lists.owasp.org
More information about the Esapi-dev