Search Results

Search found 2 results on 1 pages for 'multilinestring'.

Page 1/1 | 1 

  • Paste a multi-line Java String in Eclipse

    - by Thilo
    Unfortunately, Java has no syntax for multi-line string literals. No problem if the IDE makes it easy to work with constructs like String x = "CREATE TABLE TEST ( \n" + "A INTEGER NOT NULL PRIMARY KEY, \n" ... What is the fastest way to paste a multi-line String from the clipboard into Java source using Eclipse (in a way that it automagically creates code like the above).

    Read the article

  • Are multiline queries sql-injection safe?

    - by acmatos
    This might be a stupid question. Or maybe my hacking skills are limited (I don't practice them at all). I have a query that looks like this: <?php $query =<<<eot SELECT table_x.field1, table_x.field2, table_y.*, table_z.field4 FROM ( SELECT ... ) as table_y LEFT JOIN table_x ON table_x.field1 = table_y.field_x LEFT JOIN table_z ON table_z.field1 = table_y.field_z WHERE table_x.field3 = '$something' AND table_z.field4 = '1' AND table_z.field5 = '2' eot; ?> I have a lot of other tests on $something before it gets used, like $something = explode(' ',$something); (which later result in a string) none of them intend to prevent injection but they make it hard for the given injection to get as is to the actual query. However, there are ways. We all know how easy it is to replace a space for something else which is still valid.. So, it's not really a problem to make a potentially harmful piece of SQL reach that $something... But is there any way to comment the rest of the original query string if it is multi-line? I can comment AND table_z.field4 = '1' using ;-- but can't comment the following AND table_z.field5 = '2' Is it possible to open a multi-line comment /* without closing it or something looked like and therefore allow the injection to ignore the multi-line query?

    Read the article

1