If you found something useful here, please click the Google ad on the right to support me in continuing to share knowledge. Thank you! http://dengpeng.spaces.live.com/

Tuesday, May 20, 2008

Just gimme a second to put words in your SQL statement

Digest from http://blogs.msdn.com/coding4fun/archive/2008/05/19/8510470.aspx

Do you have your application hooked up to a database? Do you do stuff like

// Vulnerable: the user's text becomes part of the SQL statement itself.
string sql = "SELECT * FROM Products " + "WHERE Id = " + userInput;


Well, if I were mean (I'm not), I could do some naughty things that go by the name of a SQL injection attack. Imagine if, as an end user, I sent in "1; DROP TABLE Products;". The server sees two statements, runs the SELECT, and then runs the DROP.



Well, fear not, there are a few super easy ways to prevent this type of attack.



Colin Mackay has an article that explains the SQL injection attack in more detail and covers several ways to prevent it.



The two quickest are to use SQL parameters, so that user input reaches the server as a bound value rather than as part of the SQL text, and to validate your data instead of blindly trusting your end user. Here is an example of a parameterized query.



using System.Data;
using System.Data.SqlClient;

// conn is an open SqlConnection. The value of countryName is bound as a typed
// parameter and is never spliced into the command text.
string commandText = "SELECT * FROM Customers " + "WHERE Country = @CountryName";
SqlCommand cmd = new SqlCommand(commandText, conn);
cmd.Parameters.Add("@CountryName", SqlDbType.NVarChar).Value = countryName;
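To show the difference between the two patterns end to end, here is an added example that is not part of the original post or the Coding4Fun article. It uses Python's built-in sqlite3 module as a stand-in for ADO.NET, with a constructed Products table, so it runs offline. Because sqlite3's execute() refuses multi-statement text, the vulnerable function splits the concatenated string on ';' to mimic a driver such as SQL Server's that runs every statement it is given; that split is an assumption of the demo, not something the post describes. The parameterized version and the validate_id helper are likewise this example's own names.

```python
import sqlite3

SAMPLE_PRODUCTS = [(1, "Chai"), (2, "Chang"), (3, "Aniseed Syrup")]  # constructed data


def fresh_db():
    """In-memory database with a small Products table (constructed sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Products (Id INTEGER PRIMARY KEY, Name TEXT)")
    conn.executemany("INSERT INTO Products VALUES (?, ?)", SAMPLE_PRODUCTS)
    return conn


def products_table_exists(conn):
    row = conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table' AND name = 'Products'"
    ).fetchone()
    return row is not None


def lookup_concatenated(conn, user_input):
    """The vulnerable pattern: user text is pasted into the SQL statement.

    sqlite3.execute() only runs one statement, so the text is split on ';'
    here to imitate a batch-capable driver (assumption for the demo). The
    naive split is exactly what an attacker's ';' exploits.
    """
    sql = "SELECT Id, Name FROM Products WHERE Id = " + user_input
    rows = []
    for statement in filter(str.strip, sql.split(";")):
        cur = conn.execute(statement)
        if cur.description is not None:  # only SELECTs produce rows
            rows = cur.fetchall()
    return rows


def lookup_parameterized(conn, user_input):
    """The hardened pattern: the value is bound, never part of the SQL text.

    Whatever the input contains, the database compares it as one value
    against Id; it cannot start a new statement or change the WHERE clause.
    """
    sql = "SELECT Id, Name FROM Products WHERE Id = ?"
    return conn.execute(sql, (user_input,)).fetchall()


def validate_id(user_input):
    """Defence in depth: an Id must be a positive integer, reject anything else."""
    if not user_input.isdigit():
        raise ValueError("Id must be a positive integer")
    return int(user_input)


def safe_lookup(conn, user_input):
    """Validate first, then query with a parameter: both fixes from the post."""
    return lookup_parameterized(conn, validate_id(user_input))


if __name__ == "__main__":
    drop_payload = "1; DROP TABLE Products;"
    or_payload = "1 OR 1=1"

    db = fresh_db()
    print("concatenated, benign:", lookup_concatenated(db, "1"))
    print("concatenated, OR 1=1:", lookup_concatenated(db, or_payload))
    lookup_concatenated(db, drop_payload)
    print("table survives concatenation?", products_table_exists(db))

    db = fresh_db()
    print("parameterized, DROP payload:", lookup_parameterized(db, drop_payload))
    print("parameterized, OR 1=1:", lookup_parameterized(db, or_payload))
    print("table survives parameters?", products_table_exists(db))
    try:
        safe_lookup(db, drop_payload)
    except ValueError as exc:
        print("validation rejected payload:", exc)
```

Note that the "1 OR 1=1" payload needs no semicolon at all; it simply rewrites the WHERE clause, which is why validation alone (rejecting non-integers) is a good second line of defence but parameters are the fix that works regardless of input type.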


Remember, Johnny Drop Table can cause some trouble.
