Search Results

Search found 1303 results on 53 pages for 'injection'.

Page 2/53 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12 | Next Page >

JSP Model 2 Architecture and Dependency Injection

- by Robert

If I'm writing a web application that uses the model 2 architecture, is it possible to use the Google Guice framework (or really any IoC container)? The reason I ask this question is because everything I've researched about DI, IoC, et cetera always uses Spring, Hibernate or some other framework/container in their examples. I'm just using Java…

Read the article
SQL Server SQL Injection from start to end

- by Mladen Prajdic

SQL injection is a method by which a hacker gains access to the database server by injecting specially formatted data through the user interface input fields. In the last few years we have witnessed a huge increase in the number of reported SQL injection attacks, many of which caused a great deal of damage. A SQL injection attack takes many…

Read the article
Reported error code considered SQL Injection?

- by inquam

SQL injection that actually runs a SQL command is one thing. But injecting data that doesn't actually run a harmful query but that might tell you something valuable about the database, is that considered SQL injection? Or is it just used as part to construct a valid SQL injection? An example could be set rs = conn.execute("select headline…

Read the article
Dependency Injection in ASP.NET MVC NerdDinner App using Ninject

- by shiju

In this post, I am applying Dependency Injection to the NerdDinner application using Ninject. The controllers of NerdDinner application have Dependency Injection enabled constructors. So we can apply Dependency Injection through constructor without change any existing code. A Dependency Injection framework injects the dependencies into a…

Read the article
Interface injection in Spring Framework

- by Aubergine

There is article in here, however I am still in doubt, as some people keep confusing me. Doesn't Spring really support Interface injection at all? So what I want to clarify: setSomething(somethingInterface something); // this IS NOT interface injection, IT IS setter injection? Interface injection is when you just write `implements…

Read the article
Javascript Injection and Sql Script injection

- by Pranali Desai

Hi All, I am writing an application and for this to make it safe I have decided to HtmlEncode and HtmlDecode the data to avoid Javascript Injection and Paramaterised queries to avoid Sql Script injection. But I want to know whether these are the best ways to avoid these attacks and what are the other ways to damage the application…

Read the article
Are SQL Injection vulnerabilities in a PHP application acceptable if mod_security is enabled?

- by Austin Smith

I've been asked to audit a PHP application. No framework, no router, no model. Pure PHP. Few shared functions. HTML, CSS, and JS all mixed together. I've discovered numerous places where SQL injection would be easily possible. There are other problems with the application (XSS vulnerabilities, rampant inline CSS, code copy-pasted…

Read the article
In dependency injection, is there a simple name for the counterpart of the injected object?

- by kostja

In tutorials and books, I have never seen a single word describing the object that the injected object is injected into. Instead, other terms are used, like "injection point" which don't denote the object containing the injected object. And nothing I can think of sounds right, except maybe "injection target" - but I have never…

Read the article
Questioning the motivation for dependency injection: Why is creating an object graph hard?

- by oberlies

Dependency injection frameworks like Google Guice give the following motivation for their usage (source): To construct an object, you first build its dependencies. But to build each dependency, you need its dependencies, and so on. So when you build an object, you really need to build an object graph. Building object…

Read the article
Can higher-order functions in FP be interpreted as some kind of dependency injection?

- by Giorgio

According to this article, in object-oriented programming / design dependency injection involves a dependent consumer, a declaration of a component's dependencies, defined as interface contracts, an injector that creates instances of classes that implement a given dependency interface on request. Let us now consider a…

Read the article
Questioning one of the arguments for dependency injection: Why is creating an object graph hard?

- by oberlies

Dependency injection frameworks like Google Guice give the following motivation for their usage (source): To construct an object, you first build its dependencies. But to build each dependency, you need its dependencies, and so on. So when you build an object, you really need to build an object graph. Building…

Read the article
SQL Injection When Using MySQLi Prepared Statements

- by Sev

If all that is used to do any and all database queries is MySQLi prepared statements with bound parameters in a web-app, is sql injection still possible? Notes I know that there are other forms of attack other than sql-injection, but my question is specific to sql-injection attacks on that particular web application…

Read the article
Rails SQL injection?

- by yuval

In Rails, when I want to find by a user given value and avoid SQL injection (escape apostrophes and the like) I can do something like this: Post.all(:conditions => ['title = ?', params[:title]]) I know that an unsafe way of doing this (possible SQL injection) is this: Post.all(:conditions => "title =…

Read the article
Avoid SQL Injection with Parameters

- by simonsabin

The best way to avoid SQL Injection is with parameters. With parameters you can’t get SQL Injection. You only get SQL Injection where you are building a SQL statement by concatenating your parameter values in with your SQL statement. Annoyingly many TSQL statements don’t take parameters, CREATE DATABASE for…

Read the article
Is reliance on parametrized queries the only way to protect against SQL injection?

- by Chris Walton

All I have seen on SQL injection attacks seems to suggest that parametrized queries, particularly ones in stored procedures, are the only way to protect against such attacks. While I was working (back in the Dark Ages) stored procedures were viewed as poor practice, mainly because they were seen as less…

Read the article
How to combine designable components with dependency injection

- by Wim Coenen

When creating a designable .NET component, you are required to provide a default constructor. From the IComponent documentation: To be a component, a class must implement the IComponent interface and provide a basic constructor that requires no parameters or a single parameter of type…

Read the article
Which Dependency Injection Tool Should I Use? (2)

- by Mendy

The original post is: Which Dependency Injection Tool Should I Use? While the original post is good, in this days I see a lot of people using StructureMap as their Dependency Injection tool, and in the original post no one even took it seriously. In addition, this quote: If I had to choose…

Read the article
Xpath Injection detection Tool

- by preeti

Hi, I am working on xpath Injection attack, so looking forward to build a tool to detect xpath Injection Tool in a website.Is web crawling and scanning be used for this? What can be the Logic to detect it? Are there any open source tools to detect it, so that i can develop it in Java by looking…

Read the article
Dependency injection and aggregation/association

- by Abhijeet Kashnia

In both association and aggregation, one class maintains a reference to another class. Then, does constructor injection imply composition? Going by the same logic, is it safe to say that setter injection leads to an association, and not an aggregation?

Read the article
Is this query vulnerable to sql injection?

- by user294924

$myq = sprintf("select user from table where user='%s'", $_POST["user"]); I would like to know if the above query can be exploited using SQL injection. Is there any advanced SQL injection technique that could break sprintf for this particular query?

Read the article
Help Regarding SQL injection

- by Rajesh Rolen- DotNet Developer

Please help me to prevent my data from SQL injection. I have replaced ' with '' (single quote with 2 quote) while doing any operation on sql server. Please tell me what all i need to do , to prevent my application from SQL injection. my application is in asp.net 2.0

Read the article
is there any chance of sql injection through selectbox( dynamically created or static)

- by I Like PHP

Hello All, i want to know that is there any chance of SQL injection via selectbox options? if yes then will u please show some demonstration(or refer any link). and also tell me how do we prevent sql injection in selectbox.(using PHP MYSQL) one more: if i create a…

Read the article
Are multiline queries sql-injection safe?

- by acmatos

This might be a stupid question. Or maybe my hacking skills are limited (I don't practice them at all). I have a query that looks like this: <?php $query =<<<eot SELECT table_x.field1, table_x.field2, table_y.*, …

Read the article
MVVM application architecture, where to put dependency injection configuration class, BusinessLayer and Common interfaces?

- by gt.guybrush

Planning my architecture for an MVVM application I come to this: MyApp.UI View MyApp.BusinessLayer ViewModel MyApp.DataAccessLayer RepositoryImplEF MyApp.DomainLayer DomainObject RepositoryInterface MyApp.Common Logging Security Utility (contains some reflection method…

Read the article
Dependency Injection Constructor Madness

- by JP

I find that my constructors are starting to look like this: public MyClass(Container con, SomeClass1 obj1, SomeClass2, obj2.... ) with ever increasing parameter list. Since "Container" is my dependency injection container, why can't I just do this: public MyClass(Container…

Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12 | Next Page >