by refset 770 days ago
H2 offers quite a comprehensive solution for dealing with this:

> [H2] provides a way to enforce usage of parameters when passing user input to the database. This is done by disabling embedded literals in SQL statements. To do this, execute the statement:

> SET ALLOW_LITERALS NONE;

> Literals can only be enabled or disabled by an administrator.

https://www.h2database.com/html/advanced.html
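
The behaviour the quoted documentation describes, as an added example that is not part of the comment or of H2's documentation. It assumes the H2 driver jar is on the classpath; the in-memory database name `demo`, the `users` table and the sample input are constructed for illustration.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class AllowLiteralsDemo {
    public static void main(String[] args) throws SQLException {
        // In-memory database (hypothetical name); the user that creates it is an administrator.
        try (Connection c = DriverManager.getConnection("jdbc:h2:mem:demo", "sa", "")) {
            try (Statement st = c.createStatement()) {
                // Schema and seed data go in first, while literals are still allowed.
                st.execute("CREATE TABLE users(id INT PRIMARY KEY, name VARCHAR(64))");
                st.execute("INSERT INTO users VALUES (1, 'alice')");
                // From here on, statements with embedded literals are refused.
                st.execute("SET ALLOW_LITERALS NONE");
            }

            String input = "alice"; // constructed stand-in for user-supplied input

            // String concatenation embeds a text literal, so the database rejects it.
            try (Statement st = c.createStatement()) {
                st.executeQuery("SELECT id FROM users WHERE name = '" + input + "'");
                System.out.println("unexpected: literal was accepted");
            } catch (SQLException e) {
                System.out.println("rejected (" + e.getErrorCode() + "): " + e.getMessage());
            }

            // The parameterized form contains no literal and still works.
            try (PreparedStatement ps =
                     c.prepareStatement("SELECT id FROM users WHERE name = ?")) {
                ps.setString(1, input);
                try (ResultSet rs = ps.executeQuery()) {
                    while (rs.next()) {
                        System.out.println("id = " + rs.getInt(1));
                    }
                }
            }
        }
    }
}
```

Application code that still builds queries by concatenation fails on its first run against such a database, which makes the setting useful in test environments for finding unparameterized queries.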