I need to avoid being vulnerable to SQL injection in my ASP.NET application. How might I accomplish this?
Everyone says "Use parameters". We'd have to say it less if it wasn't so perversely difficult.
Use QueryFirst. The temptation to concatenate is removed, and the right way becomes the easiest way. You create a parameter just by typing @myParam in your SQL; the tool does the rest.
Disclaimer: I wrote QueryFirst.
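As an added example (not code from the answer above or from the QueryFirst project), this is what "use parameters" looks like in plain ADO.NET: the concatenated query that is injectable next to the version that passes the value as an SqlParameter. The Users table, its UserName column, and the connection string are assumptions.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

public static class UserRepository
{
    // VULNERABLE: the caller's string is spliced into the SQL text, so a
    // single quote in the input changes the structure of the statement.
    public static int CountByNameUnsafe(SqlConnection conn, string userName)
    {
        string sql = "SELECT COUNT(*) FROM Users WHERE UserName = '" + userName + "'";
        using (var cmd = new SqlCommand(sql, conn))
        {
            return (int)cmd.ExecuteScalar();
        }
    }

    // SAFE: the SQL text is a constant; the value is sent separately as a
    // typed parameter and is never parsed as SQL, whatever it contains.
    public static int CountByName(SqlConnection conn, string userName)
    {
        const string sql = "SELECT COUNT(*) FROM Users WHERE UserName = @userName";
        using (var cmd = new SqlCommand(sql, conn))
        {
            // Declaring the type and length also keeps the plan cache stable.
            cmd.Parameters.Add("@userName", SqlDbType.NVarChar, 50).Value = userName;
            return (int)cmd.ExecuteScalar();
        }
    }
}

public static class Program
{
    public static void Main()
    {
        // Placeholder connection string (assumption): point it at a test database.
        const string connectionString = "Server=.;Database=AppDb;Integrated Security=true";
        using (var conn = new SqlConnection(connectionString))
        {
            conn.Open();
            // A name containing a quote is just data here: the query looks for
            // that literal string and returns 0 when no such user exists.
            int count = UserRepository.CountByName(conn, "o'brien");
            Console.WriteLine($"Matching users: {count}");
        }
    }
}
```

The same shape applies to every command the application builds: the SQL never changes with the input, only the parameter values do.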