如何转义 NSString 以防止 SQLInjection with Core Data [英] How to escape a NSString to prevent SQLInjection with Core Data
本文介绍了如何转义 NSString 以防止 SQLInjection with Core Data的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
从输入字段转义搜索字符串以防止 SQLInjections 的最佳方法是什么?
what is the best way to escape a Search String from an input field to prevent SQLInjections?
是否有类似 PHP 的 mysql_real_escape_string
方法,或者我应该手动替换/转义不同的字符,例如:OR、AND、LIKE、WHERE、DELETE、INSERT、UPDATE、FROM、GROUPBY、ORDER BY
等等?
Is there an mysql_real_escape_string
method like in PHP or should i manually replace/escape the different characters like: OR, AND, LIKE, WHERE, DELETE, INSERT, UPDATE, FROM, GROUP BY, ORDER BY
and so on?
推荐答案
以来自@Nick Weaver 的回答结束:
closed with the answer from: @Nick Weaver:
我认为你不必关心这个.
I don't think that you have to take care about that.
这篇关于如何转义 NSString 以防止 SQLInjection with Core Data的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文