Changes between Version 2 and Version 3 of Other topics


Timestamp: 04/29/26 20:25:17 (3 days ago)
Author: 231035
Comment:


  • Other topics

    v2 v3  
    125125
    126126== Security measures
     127=== SQL injection prevention
     128{{{
     129@Query(value = """
     130        SELECT *
     131        FROM get_top_active_users(:startTs, :endTs)
     132        """, nativeQuery = true)
     133    List<UserActivityRankingProjection> getTopActiveUsers(
     134            @Param("startTs") LocalDateTime startTs,
     135            @Param("endTs") LocalDateTime endTs
     136    );
     137}}}
     138* Native queries are executed using named parameters such as :startTs and :endTs, which are bound by Spring Data JPA. This prevents SQL injection because input values are treated as parameters, not as executable SQL.
     139
    127140== Other developments
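Review bot: The bullet after the `{{{ }}}` block claims slightly more than the shown lines guarantee: binding `:startTs` and `:endTs` as named parameters does protect the native statement in `getTopActiveUsers`, but that statement only calls `get_top_active_users`, a database function whose body is not part of this change; if that function builds SQL dynamically from its arguments, the bound values can still end up interpreted as SQL inside the database. Suggest adding one sentence stating that the function must use its arguments as plain values (no dynamic SQL assembled by concatenation), and that the same rule, named parameters only and no string concatenation into `value`, applies to every `nativeQuery = true` method in the repository, not just the one example shown.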