#25 SQL Injection

iteye_19623

于 2008-12-03 19:43:20 发布

阅读量62

点赞数

CC 4.0 BY-SA版权

分类专栏： Railscasts 文章标签： SQL Rails Security Java

本文链接：https://blog.youkuaiyun.com/iteye_19623/article/details/81651185

Railscasts 专栏收录该内容

108 篇文章

订阅专栏

本文讨论了动态网站常见的安全问题——SQL注入，并介绍了Rails框架为解决这一问题所采取的措施。即便如此，开发者仍需提高警惕，确保应用程序的安全。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

One of the most common security problems for dynamic sites is SQL Injection. Thankfully Rails does everything it can in solving this issue, but you still need to be aware of it.

# tasks_controller.rb
def index
  @tasks = Task.find(:all, :conditions => ["name LIKE ?", "%#{params[:query]}%"])
end