Back

Explore Courses Blog Tutorials Interview Questions
0 votes
1 view
in SQL by (20.3k points)

Hi, I was thinking how it it is possible to execute something like this with the help of JDBC as it presently provides an exception even if it is possible in the MySQL query browser.

"SELECT FROM * TABLE;INSERT INTO TABLE;"

While I realized that it is possible by having this SQL query string being split and getting the statement executed twice, but I was thinking if there is a single approach to this.

  String url = "jdbc:mysql://localhost:3306/";

    String dbName = "databaseinjection";

    String driver = "com.mysql.jdbc.Driver";

    String sqlUsername = "root"; 

    String sqlPassword = "abc";

   Class.forName(driver).newInstance();

   connection = DriverManager.getConnection(url+dbName, sqlUsername, sqlPassword);

1 Answer

0 votes
by (108k points)

Yes, you can do the execution in that manner. There are two possible ways to execute that kind of code:

1. Either you can set the database connection by allowing multiple queries, separated by a semi-colon by default.

2. Or you can call a stored procedure that will return the cursors implicitly.

For more information regarding the same, you can refer to the SQL training course.

Browse Categories

...