Answer Posted / kerem kusmezer
SQL injection is one of the input manipulation attacks. It occurs when the SQL statement is built up directly from a string concatenation, so that the user can change the resulting SQL statement through their entry.
For example:
select top 1 username from users where username = '&txtusername.Text&'
If the user enters text containing ' or --, he can add more commands to the resulting SQL statement and change the query set.
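The concatenated statement from the answer beside a parameterized version, as an added example that is not part of the original answer. It is written in C# against the System.Data.SqlClient provider; the parameter size, the sample inputs and the DEMO_CONNECTION_STRING variable are assumptions.

```csharp
// Added example. Table and column names follow the answer's query.
using System;
using System.Data;
using System.Data.SqlClient;

static class UserLookup
{
    // Vulnerable form from the answer: the input becomes part of the statement.
    public static string BuildConcatenated(string input)
    {
        return "select top 1 username from users where username = '" + input + "'";
    }

    // Hardened form: the statement text is constant and the input is bound
    // as a typed value, so quotes and comment markers in it are only data.
    public static SqlCommand BuildParameterized(SqlConnection conn, string input)
    {
        var cmd = new SqlCommand(
            "select top 1 username from users where username = @username", conn);
        // Size 50 is an assumed column length for users.username.
        cmd.Parameters.Add("@username", SqlDbType.NVarChar, 50).Value = input;
        return cmd;
    }

    static void Main()
    {
        // Constructed sample inputs: one plain name, one containing ' and --
        string[] samples = { "alice", "x' or 1=1 --" };
        foreach (string s in samples)
        {
            Console.WriteLine("input        : " + s);
            Console.WriteLine("concatenated : " + BuildConcatenated(s));
            using (SqlCommand cmd = BuildParameterized(null, s))
                Console.WriteLine("parameterized: " + cmd.CommandText
                    + "   [@username = " + cmd.Parameters["@username"].Value + "]");
        }

        // Optional: run the parameterized query when a database is available.
        string cs = Environment.GetEnvironmentVariable("DEMO_CONNECTION_STRING");
        if (string.IsNullOrEmpty(cs)) return;
        using (var conn = new SqlConnection(cs))
        using (SqlCommand cmd = BuildParameterized(conn, samples[1]))
        {
            conn.Open();
            object name = cmd.ExecuteScalar(); // null when no row matches
            Console.WriteLine("match: " + (name ?? "(none)"));
        }
    }
}
```

For the second sample the concatenated text gains an extra condition and a trailing comment, while the parameterized command text is identical for both inputs.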