SQL Connector are things escaped?

chrislarge305 · June 21, 2017, 8:29pm

Are SQL queries escaped to prevent SQL injection attacks?

Thanks

mishav · June 22, 2017, 4:53am

I assume you mean the parameter values?

Possibly the parameters use binding, which prevents this attack, but I’m not certain.

I’d be interested in seeing results of your testing : )

chrislarge305 · June 22, 2017, 5:27pm

Hi Mishav,

Yep that probably means its all escaped then! I’l have to do some testing and ill report back.

andersan · December 21, 2017, 4:31pm

Did you ever test this vulnerability?

Topic		Replies	Views
SQL Injection with SQL connector API plugin Database	1	240	September 14, 2023
Test Value with MySQL Query not working Database	14	965	October 17, 2023
Preventing SQL Injection in Bubble + WYSIWYG Plugin Questions	5	2761	August 9, 2023
Queries names on SQL Database Connector API have disapiared APIs	13	371	October 27, 2022
[Help needed] SQL Connector Database	2	351	March 31, 2022