Sunday, 15 January 2012

c# - SQL Injection filter method for ASP.NET -


I have fields that are free form text and allow about any combination of numbers / symbols. What is the best way to validate SQL injection? Can I run a simple place of tick marks? Is there a way I can plug to use?

Just use parameterized questions! Check out this article here:


No comments:

Post a Comment