Posts

Showing posts from April, 2019
Salesforce Connect

Salesforce Connect is a framework that enables you to view, search and modify data that is stored outside your Salesforce org. Instead of extracting and copying that data into your org with an ETL tool, you can use external objects to access it in real time through web-service callouts. Salesforce recommends using Salesforce Connect if:

- You have a large amount of data that you don't want to copy into your Salesforce org.
- You need only a small amount of data at any one time.
- You need real-time access to the latest data.
- You store your data in the cloud or in a back-office system, but want to display or process it in your Salesforce org.

External Objects: External objects in Salesforce are similar to custom objects, but they are mapped to data located outside your Salesforce org. Each of the external object's fields maps to a table column on the external system. External objects enable users to search and interact with the external data. Each or...
SOQL Injection

A SOQL injection consists of the insertion or injection of a SOQL query via the input data sent from the client to the application. A successful SOQL injection exploit can read sensitive data from the database. Below is an example of Apex and Lightning Component code vulnerable to SOQL injection. Now enter an existing contact name and click on the search button to see the result; in my case I search for a contact whose Name contains 'Winter'. Now, in the search box, enter " winter%' OR Name LIKE ' " and click on the search button to see all contact records.

How to prevent SOQL injection?

1. Static Query: To prevent a SOQL injection attack, avoid using dynamic SOQL queries. Instead, use static queries and bind variables.
2. Escaping Single Quotes: Using the string.escapeSingleQuotes() method around the variable escapes any instance it finds of a ' quote in the string with the backslash (\) escape character. This prevents an attacker's input from...