Tagged articles
15 articles
Architecture Digest
Nov 19, 2025 · Information Security

Preventing SQL Injection: Use Prepared Statements and MyBatis Safely

SQL injection lets attackers turn simple input fields into destructive commands that can delete or compromise databases; the article explains how string‑concatenated queries become vulnerable, demonstrates the attack step‑by‑step, and shows how parameterized queries via PreparedStatement and MyBatis’ #{ } syntax, plus defense‑in‑depth measures, effectively mitigate the risk.

Database Security · MyBatis · Parameterized Query
0 likes · 10 min read
Cognitive Technology Team
Sep 21, 2025 · Databases

How Druid’s PreparedStatement Cache Breaks ShardingSphere Routing and Fixes

An unexpected data loss issue in a ShardingSphere‑JDBC setup was traced to Druid’s poolPreparedStatements cache, which reuses PreparedStatement objects across different shards, bypassing dynamic routing; disabling the cache or switching to HikariCP restores correct sharding behavior with minimal performance impact.

Connection Pool · Druid · PreparedStatement
0 likes · 12 min read
FunTester
Jul 16, 2024 · Backend Development

Mastering JDBC: Best Practices for Secure and Efficient Java Database Access

This guide explains how to set up JDBC drivers, construct connection URLs, use PreparedStatement instead of Statement, iterate ResultSet safely, manage resources with try‑with‑resources, handle transactions, employ connection pools, and properly process SQLExceptions for robust Java database applications.

Connection Pool · JDBC · PreparedStatement
0 likes · 15 min read
Big Data Technology & Architecture
Jul 3, 2024 · Databases

Optimizing High-Concurrency Point Queries in Doris with Row Store, Short Query Path, and PreparedStatement

This guide explains how to enable row store, configure short query path, and use PreparedStatement in Doris to reduce I/O and CPU overhead for high‑concurrency primary‑key point queries, including DDL examples, JDBC usage, row cache settings, performance tips, and verification methods.

PreparedStatement · Row Store · Short Query Path
0 likes · 9 min read
FunTester
Jan 9, 2024 · Databases

Boost Java Database Performance with PreparedStatement Batch Inserts

The article explains Java's PreparedStatement interface, highlighting its performance, security, and batch processing benefits, and provides a complete example of inserting multiple user records efficiently, while also discussing practical considerations such as batch size, transaction handling, error management, and optimization tips.

Batch Processing · Database Performance · JDBC
0 likes · 6 min read
MaGe Linux Operations
Sep 23, 2023 · Information Security

How to Prevent SQL Injection in Java Projects: From PreparedStatement to Nginx Filters

This article explains what SQL injection is, demonstrates a vulnerable example, and presents four practical defenses for Java applications—including PreparedStatement, MyBatis #{} placeholders, request‑parameter filtering, and Nginx reverse‑proxy rules—complete with code snippets and configuration details.

MyBatis · PreparedStatement · SQL injection
0 likes · 8 min read
Selected Java Interview Questions
Aug 23, 2023 · Information Security

Understanding SQL Injection and Prevention Techniques in Java Projects

SQL injection is a critical web security flaw where unsanitized user input can alter database queries, and this article explains its mechanics, demonstrates vulnerable Java code, and outlines four prevention methods—PreparedStatement, MyBatis #{}, request parameter filtering, and Nginx reverse‑proxy rules—complete with code examples.

MyBatis · Nginx · PreparedStatement
0 likes · 9 min read
HomeTech
Aug 4, 2022 · Information Security

Preventing SQL Injection: Principles, Practices, and Safe MyBatis Usage

This article explains the fundamentals of SQL injection attacks, outlines their severe consequences, and provides a comprehensive set of prevention principles and practical measures—including parameterized queries, strong typing, input validation, and secure MyBatis configurations—to help developers safeguard backend applications and databases.

MyBatis · PreparedStatement · SQL injection
0 likes · 10 min read
Top Architect
Jan 8, 2022 · Backend Development

Understanding the Differences Between ${} and #{} in MyBatis and Their Impact on SQL Injection

This article explains how MyBatis' ${} and #{} placeholders differ in syntax substitution and security, demonstrates their usage with DAO interfaces, Mapper XML, and JUnit tests, analyzes SQL injection risks, shows the underlying PreparedStatement handling, and provides practical guidelines for when to use each placeholder.

MyBatis · ORM · PreparedStatement
0 likes · 11 min read
IT Xianyu
Jun 1, 2021 · Databases

Improving MySQL Insert Performance with Multithreading, Prepared Statements, and Batch Transactions

The article explains why multithreaded inserts can be faster than single‑threaded ones in MySQL, breaks down the time spent on each step of an insert operation, and presents practical techniques such as using PreparedStatement, multi‑value INSERT statements, and transaction batching to dramatically reduce insertion time.

Batch Transaction · Database Optimization · Insert Performance
0 likes · 6 min read
Architect's Tech Stack
Nov 4, 2020 · Databases

Optimizing MySQL Insert Performance with Multithreading, Prepared Statements, Batch Inserts, and Transactions

This article explains why multithreaded inserts into a single MySQL table can be faster than single-threaded inserts, analyzes the time distribution of insertion operations, and presents techniques such as prepared statements, multi-value inserts, batch execution, and transaction batching to significantly improve insert throughput.

Batch Insert · Insert Optimization · PreparedStatement
0 likes · 6 min read
Architect's Tech Stack
Oct 27, 2019 · Databases

Optimizing MySQL Inserts with Multithreading, Prepared Statements, Batch and Transaction Techniques

This article explains how multithreaded inserts, prepared statements, multi‑value SQL, and batch transaction commits can dramatically improve MySQL insert performance by reducing connection overhead, parsing time, and network I/O, achieving insertion of 100 000 rows in roughly ten seconds.

Batch Insert · PreparedStatement · multithreading
0 likes · 5 min read