parameterized sql query - asp.net / c#

前端未结

关注

 6  615

孤独总比滥情好 2021-01-18 20:03

So I recently learned that I should absolutely be using parametrized query\'s to avoid security issues such as SQL injection. That\'s all fine and all, I got it working.

6条回答

[愿得一人] (楼主)

2021-01-18 20:42
Another technique, you can use..
```
List lstPrm = new List();

 lstPrm.Add(new SqlParameter("@pusername", usernameValue ));
 lstPrm.Add(new SqlParameter("@pID", someidValue));
 lstPrm.Add(new SqlParameter("@pPassword", passwordValue));
```
Add the end you can iterate to insert the parameters in your command object
0 讨论(0)

查看其它6个回答
发布评论:

提交评论
- 加载中...