Architecture Digest
Nov 19, 2025 · Information Security

Preventing SQL Injection: Use Prepared Statements and MyBatis Safely

SQL injection lets attackers turn simple input fields into destructive commands that can delete or compromise databases; the article explains how string‑concatenated queries become vulnerable, demonstrates the attack step‑by‑step, and shows how parameterized queries via PreparedStatement and MyBatis’ #{ } syntax, plus defense‑in‑depth measures, effectively mitigate the risk.

Tags: MyBatis · Parameterized Query · PreparedStatement
ITPUB
May 5, 2016 · Information Security

Understanding SQL Injection Through a Simple Robot Analogy

The article uses a warehouse‑robot analogy to illustrate how mixing user‑supplied data with commands leads to SQL injection and explains that separating commands from data via parameterized queries prevents this security flaw.

Tags: Parameterized Query · SQL Injection · security