Home
ASP.NET Forums » General ASP.NET » FAQ - Frequently Asked Questions » Avoid SQL Injection attacks

Avoid SQL Injection attacks

Rate It (5)

Last post 10-05-2009 7:29 AM by slavik118. 110 replies.

Sort Posts:

  • Re: Avoid SQL Injection attacks

    07-12-2009, 3:43 AM
    • All-Star
      30,941 point All-Star
    • Naom
    • Member since 12-31-2007, 7:08 PM
    • Wisconsin
    • Posts 6,854

     Not sure, if this great article was already referenced in this thread

    The Curse and Blessings of Dynamic SQL

    Looking for a job opportunity.

    Beware of bugs in the above code; I have only proved it correct, not tried it.
    (Donald Knuth)

    Visit my blog

    PluralSight Learning Library

  • Re: Avoid SQL Injection attacks

    07-12-2009, 5:32 PM
    • All-Star
      63,000 point All-Star
    • TATWORTH
    • Member since 02-04-2003, 1:34 PM
    • England
    • Posts 12,308
    • TrustedFriends-MVPs

    Thank you for posting the link.

    Don't forget to click "Mark as Answer" on the post that helped you.
    This credits that member, earns you a point and marks your thread as Resolved so we will all know you have been helped.

  • Re: Avoid SQL Injection attacks

    07-21-2009, 3:48 AM
    • Member
      2 point Member
    • Arif Sheikh
    • Member since 09-15-2006, 11:59 PM
    • Wichita, KS
    • Posts 1

     I agree with Manas. I use the Helper SQL myself. I had several sql injection attacks in the last few months to drop the database or change the data, but all of them were balked.

    -Arif Sheikh, MS (Electrical Engg), MCP

  • Re: Avoid SQL Injection attacks

    10-01-2009, 3:31 AM
    • Member
      12 point Member
    • k.srinivas81
    • Member since 05-19-2009, 1:23 PM
    • India
    • Posts 10

    The main weak point for SQL injection attack is writing in-line SQL or building the statement in the Stored Procedure dynamically using string concatenations. To avaoid SQL injection attacks use Stored Procedures and pass the only values.

    Srinivas
    Visit my blog

  • Re: Avoid SQL Injection attacks

    10-01-2009, 1:04 PM

    very simple and good post!

    it will be helpful for many developers


    Chandra Prakash Andani
    Web Developer - ASP .Net
    INDIA
    919871406116
    chanderandani@gmail.com

  • Re: Avoid SQL Injection attacks

    10-05-2009, 7:29 AM
    • Participant
      853 point Participant
    • slavik118
    • Member since 01-17-2006, 12:19 PM
    • Posts 164

    As for me, it is very cut and dry with the matter - migration to LINQ to SQL clears up the problem: http://msdn.microsoft.com/en-us/library/bb386929.aspx  
Page 8 of 8 (111 items) « First ... < Previous 4 5 6 7 8
RSS Available

Contact | Advertise | Issue Management by Axosoft's OnTime | Running IIS7
All Rights Reserved. | Terms of Use | Trademarks | Privacy Statement
© 2009 Microsoft Corporation.