
re: Java MYSQL Connection

 

Hi :) It’s good to see people learning Java these days, but I would like to mention two important things that are missing in your code:

  • Always close your connection when you are not using it (I know this is a simple example, but it’s a good practice).
  • Concatenation of input parameters directly into SQL without escaping them first is a SQL injection waiting to happen. Again, I know that this is simple code, but you should really use PreparedStatement here.
 

Yeah, exactly! Just giving a basic idea of how to do this without any trouble. Anyways, I have made some edits and addressed both issues. Thanks!
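
The two points raised in this thread, shown as an added example that is not code from the original post or from either commenter. The JDBC URL, the `app_user` account, the `DB_PASSWORD` environment variable and the `users(name, email)` table are assumptions made for illustration, and a MySQL JDBC driver is assumed to be on the classpath.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Optional;

public class UserLookup {
    // Assumed connection settings and schema; not taken from the original post.
    private static final String URL = "jdbc:mysql://localhost:3306/exampledb";
    private static final String DB_USER = "app_user";

    // Pattern the comment warns about: the input becomes part of the SQL text.
    static String concatenatedQuery(String name) {
        return "SELECT email FROM users WHERE name = '" + name + "'";
    }

    // Parameterized form: the SQL text is fixed and the value is passed as a bound parameter.
    static Optional<String> findEmail(Connection conn, String name) throws SQLException {
        String sql = "SELECT email FROM users WHERE name = ?";
        // Both the statement and the result set are closed when their blocks exit.
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, name);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? Optional.ofNullable(rs.getString("email")) : Optional.empty();
            }
        }
    }

    public static void main(String[] args) {
        String input = args.length > 0 ? args[0] : "O'Brien"; // constructed sample input
        // Printed only to show the problem: the quote in the name ends the string
        // literal early, so the input alters the statement. This string is never executed.
        System.out.println("Concatenated: " + concatenatedQuery(input));

        String password = System.getenv("DB_PASSWORD"); // assumed variable, keeps the secret out of source
        // try-with-resources closes the connection even when the query throws.
        try (Connection conn = DriverManager.getConnection(URL, DB_USER, password)) {
            System.out.println(findEmail(conn, input).orElse("(no such user)"));
        } catch (SQLException e) {
            System.err.println("Database error: " + e.getMessage());
        }
    }
}
```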
