My idea is to create some generic classes for Insert/Update/Select via a C# (3.5) Winforms app talking with a MySQL database via MySQL .NET Connector 6.2.2.
I would expect that it would be pretty hard to scrub raw text that will be used for SQL. If at all possible I would try to use parameterized operations.
One exception would be if you didn't expose the function publicly, and you never passed in a string that was constructed from raw user input.
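As an added example (not code from the question or the answer above), here is one shape a generic insert helper can take with Connector/NET so that values are bound as parameters and never concatenated into the SQL text. The names `SafeSql`, `BuildInsert` and `Quote` are hypothetical; the identifier pattern is an assumption chosen to be conservative, since table and column names cannot be passed as parameters.

```csharp
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;
using MySql.Data.MySqlClient;

// Hypothetical helper, not from the original post.
public static class SafeSql
{
    // Table and column names cannot be bound as parameters, so they are
    // restricted to a conservative pattern and then backtick-quoted.
    private static readonly Regex Identifier =
        new Regex(@"\A[A-Za-z_][A-Za-z0-9_]{0,63}\z");

    private static string Quote(string name)
    {
        if (name == null || !Identifier.IsMatch(name))
            throw new ArgumentException("Invalid SQL identifier: " + name);
        return "`" + name + "`";
    }

    // Builds "INSERT INTO `t` (`a`, `b`) VALUES (@p0, @p1)" and binds each value.
    public static MySqlCommand BuildInsert(MySqlConnection conn, string table,
                                           IDictionary<string, object> values)
    {
        if (values == null || values.Count == 0)
            throw new ArgumentException("At least one column is required.");

        var cmd = new MySqlCommand();
        cmd.Connection = conn;
        var columns = new List<string>();
        var placeholders = new List<string>();
        int i = 0;
        foreach (KeyValuePair<string, object> pair in values)
        {
            string p = "@p" + i++;
            columns.Add(Quote(pair.Key));
            placeholders.Add(p);
            // The value travels as data, never as SQL text.
            cmd.Parameters.AddWithValue(p, pair.Value ?? DBNull.Value);
        }
        cmd.CommandText = "INSERT INTO " + Quote(table) + " (" +
            string.Join(", ", columns.ToArray()) + ") VALUES (" +
            string.Join(", ", placeholders.ToArray()) + ")";
        return cmd;
    }
}
```

The caller opens the connection and runs `ExecuteNonQuery()` on the returned command; table and column names should come from the application's own schema definitions, not from user input.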