Answer Posted / kerem kusmezer
Sql Injection is one of the input manipulation attacks,
which in case the sql statement is directly buildup from an
string concatanation, in which the user can change through
entry the result sql statement.
For Example:
select top 1 username from users where username
= '&txtusername.Text&'.
If the user enters the text with ' or -- he can add more
command to the outcoming sql statement and change the query
set.
| Is This Answer Correct ? | 2 Yes | 0 No |
Post New Answer View All Answers
How do you update database through dataset?
What is ado code?
How to check if a datareader is closed or opened? IsClosed()
What is sqldatareader?
Data reader read and forward only, how is it possible to get 2 tables of data at a time?
What is a serialized object?
What is the use of connection object in ado.net?
What is data access pattern?
What is data control techniques?
What are the parameters that control most of connection pooling behaviors?
What are the differences between OLEDB and SQLClient Providers?
What is microsoft ado.net?
Which components of a data provider is used to retrieve, insert, delete, or modify data in a data source?
How do you connect to sql server database without using sqlclient?
What are good ado.net object to replace to ado recordset object.
