I want to create an SQL interface where the user can execute only "SELECT" queries, and when they click a submit button, the query is sent to the database.
I also want to know how to write an SQL statement that receives the user's query and executes it.
Something like this:
    private static final String var = "SELECT query sent by the user";

    public String executeUserQuery() {
        return executeQuery(var);
    }
It must only ever be a SELECT query; he doesn't have the right to do anything else except read data.
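One way to approach the requirement above with plain JDBC, as an added example that is not part of the original post. The class and method names, the 10-second timeout and the 1000-row cap are hypothetical, and it assumes the `Connection` was opened with a dedicated database account that has been granted SELECT only, which is the control that actually enforces read-only access; the string check is just a coarse first filter.

```java
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Arrays;

public class ReadOnlyQueryRunner {

    /** Coarse pre-check: returns the trimmed statement, or null if it is not one plain SELECT. */
    static String normalizeSingleSelect(String sql) {
        if (sql == null) return null;
        String s = sql.strip();
        if (s.endsWith(";")) s = s.substring(0, s.length() - 1).strip();
        // Any remaining ';' could separate stacked statements, so refuse it outright
        // (this also refuses a ';' inside a string literal, which errs on the safe side).
        if (s.contains(";")) return null;
        boolean select = s.length() > 6 && s.regionMatches(true, 0, "SELECT", 0, 6)
                && Character.isWhitespace(s.charAt(6));
        return select ? s : null;
    }

    /**
     * Runs the user's query and returns the number of rows read.
     * Assumption: conn uses an account granted SELECT only, on only the tables users may read.
     */
    static int executeUserQuery(Connection conn, String userSql) throws SQLException {
        String sql = normalizeSingleSelect(userSql);
        if (sql == null) throw new SQLException("Only a single SELECT statement is accepted");
        conn.setReadOnly(true);            // a hint to the driver, not a guarantee
        try (Statement st = conn.createStatement()) {
            st.setQueryTimeout(10);        // seconds; bounds expensive queries
            st.setMaxRows(1000);           // bounds the size of the result
            // executeQuery throws SQLException if the statement does not yield a ResultSet
            try (ResultSet rs = st.executeQuery(sql)) {
                int rows = 0;
                while (rs.next()) rows++;  // render each row for the user here instead
                return rows;
            }
        }
    }

    public static void main(String[] args) {
        // Constructed inputs that exercise the pre-check; no database is needed to run this.
        for (String q : Arrays.asList("select id from t", "SELECT 1;", "DELETE FROM t",
                "SELECT 1; DROP TABLE t", "SELECTED", null)) {
            System.out.println((normalizeSingleSelect(q) != null) + "  " + q);
        }
    }
}
```

The pre-check deliberately rejects some valid read-only statements, such as ones that begin with `WITH` or a comment. Statements that pass it are still limited by the account's privileges.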