List:General Discussion« Previous MessageNext Message »
From:Martin Gainty Date:September 23 2012 11:27pm
Subject:RE: How to block SELECT * FROM table; but not SELECT * FROMT table
WHERE...;
View as plain text  
Possibly run your constructed query thru a regex expression e.g.
String mydata = "SELECT * from table WHERE a<b;";
Pattern pattern = Pattern.compile("'WHERE'");
Matcher matcher = pattern.matcher(mydata);
if (matcher.find())
{
 //WHERE clause found proceed normally
}
else throw new Exception("WHERE clause not found");
Martin 
______________________________________________ 
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité

Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so
bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer
Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und
entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von
E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous
n'êtes pas le destinataire prévu, nous te demandons avec bonté que
pour satisfaire informez l'expéditeur. N'importe quelle diffusion non
autorisée ou la copie de ceci est interdite. Ce message sert à
l'information seulement et n'aura pas n'importe quel effet légalement obligatoire.
Étant donné que les email peuvent facilement être sujets à la
manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu
fourni.


> Date: Sun, 23 Sep 2012 18:38:58 -0400
> Subject: Re: How to block SELECT * FROM table; but not SELECT * FROMT table
> WHERE...;
> From: fuller.artful@stripped
> To: pownalltim@stripped
> CC: mysql@stripped
> 
> Tim,
> 
> I think you misunderstood the question. Daniel wants to block Select
> queries that ask for all rwows, and permit only queries that ask for some
> rows, as restricted by the Where clause.
> 
> Unfortunately, I don't think that can be done. But I'm not certain of that;
> there might be a trick.
> 
> Arthur
> www.artfulsoftware.com
> 
> On Sun, Sep 23, 2012 at 3:50 PM, Tim Pownall <pownalltim@stripped> wrote:
> 
> >  select * from table where column=value means it will return only rows that
> > match.  as long as you have proper indexing there should not be any issues.
> >
> > On Sun, Sep 23, 2012 at 1:23 PM, Luis Daniel Lucio Quiroz <
> > luis.daniel.lucio@stripped> wrote:
> >
> >
 		 	   		  
Thread
How to block SELECT * FROM table; but not SELECT * FROMT table WHERE...;Luis Daniel Lucio Quiroz23 Sep
  • Re: How to block SELECT * FROM table; but not SELECT * FROMT tableWHERE...;Reindl Harald23 Sep
  • Re: How to block SELECT * FROM table; but not SELECT * FROMT table WHERE...;Tim Pownall23 Sep
    • Re: How to block SELECT * FROM table; but not SELECT * FROMT tableWHERE...;Reindl Harald23 Sep
    • Re: How to block SELECT * FROM table; but not SELECT * FROMT table WHERE...;Arthur Fuller23 Sep
      • RE: How to block SELECT * FROM table; but not SELECT * FROMT tableWHERE...;Rick James24 Sep
RE: How to block SELECT * FROM table; but not SELECT * FROMT tableWHERE...;Martin Gainty23 Sep
  • RE: How to block SELECT * FROM table; but not SELECT * FROMT table WHERE...;abhishek jain24 Sep