This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Parameterized Command Interface
From OWASP
Revision as of 18:27, 27 May 2009 by MediaWiki spam cleanup (talk | contribs) (Reverting to last version not containing links to www.texteltdelrel.com)
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
A parameterized command interface is used as an alternative to a string-based command interface. This type of interface prevents Injection attacks by keeping parameters separate from the command itself.
Examples of parameterized command interfaces include:
- PreparedStatement in Java