Thanks for the links.I have added sql helper dll in my website but i didnt get sqlhelper.cs in app_code.how to get into app_code folder.
If you have Assembly then what is need of .cs file,
greeny_1984
Is that true that sql helper class cauese sql injections.
Yes, there is lot of chance if you use CommandText as Text,
i.e, you are using inline sql. U must use SQL Store Procedure.
For Example you write command Text as
"WHERE
Column1='"+TextBox1.Text "' and Column2='"+TextBox2.Text "'
If I Enter in TextBox1.Text = ' OR 1=1 --
then simply always true because 1=1 and -- comment after remaining code
"And whoever is removed away from the Fire and admitted to Paradise, he indeed is successful." (The Holy Quran)
Excellent Windows VPS Hosting Imran Baloch MVP, MVB, MCP, MCTS, MCPD
Marked as answer by greeny_1984 on Apr 23, 2009 11:02 AM
imran_ku07
All-Star
45815 Points
7698 Posts
MVP
Re: sql helper class
Apr 23, 2009 10:53 AM|LINK
If you have Assembly then what is need of .cs file,
Yes, there is lot of chance if you use CommandText as Text,
i.e, you are using inline sql. U must use SQL Store Procedure.
For Example you write command Text as
"WHERE
Column1='"+TextBox1.Text "' and Column2='"+TextBox2.Text "'
If I Enter in TextBox1.Text = ' OR 1=1 --
then simply always true because 1=1 and -- comment after remaining code
Excellent Windows VPS Hosting
Imran Baloch MVP, MVB, MCP, MCTS, MCPD
mohitdixit
Member
2 Points
1 Post
sql helper class
Aug 04, 2010 04:35 PM|LINK
Hey Bro,
Here is the link i give to you where you can download the sqlhelper file......
http://www.koders.com/csharp/fidD4121D6E4BCA2DAB656D770903FECBFF7427D242.aspx?s=mdef:dataset
Happy Coding Bro ......