[Esapi-user] [OWASP-ESAPI] Any codec for Sybase?
jtmelton at gmail.com
Thu Sep 16 22:29:18 EDT 2010
If the DB encoders are not recommended, should they be removed, or at least
deprecated for future removal?
On Thu, Sep 16, 2010 at 10:22 PM, Jim Manico <jim.manico at owasp.org> wrote:
> No to Sybase, and please do NOT use the database encoders! They are a
> (terrible) last resort (nor can we guarantee perfect SQL Injection
> protection if you use them to escape dynamic queries).
> If you want complete SQL injection protection, you should be using the Java
> PreparedStatement class, variable binding, and the latest Sybase JDBC
> -Jim Manico
> On Sep 16, 2010, at 8:17 PM, Vasten <vasten at gmail.com> wrote:
> > Hi:
> > I see codecs for Oracle and MySQL, is there one for Sybase?
> > Thanks,
> > keith
> > _______________________________________________
> > OWASP-ESAPI mailing list
> > OWASP-ESAPI at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-esapi
> Esapi-user mailing list
> Esapi-user at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Esapi-user