Answer Posted / kerem kusmezer
Sql Injection is one of the input manipulation attacks,
which in case the sql statement is directly buildup from an
string concatanation, in which the user can change through
entry the result sql statement.
For Example:
select top 1 username from users where username
= '&txtusername.Text&'.
If the user enters the text with ' or -- he can add more
command to the outcoming sql statement and change the query
set.
Is This Answer Correct ? | 2 Yes | 0 No |
Post New Answer View All Answers
How to copy the contents from one table to another table and how to delete the source table in ado.net?
Define bubbled event?
Define executenonquery?
What are the 3 major types of connection objects in ado.net?
What is a data control clerk?
What does ole stand for in excel?
What is execute reader in ado.net?
Define the data provider classes that is supported by ado.net?
What is a serialized object?
Define table relations?
List all the steps in order, to access a database through ado.net?
What are the benefits of using of ADO.NET in .NET 4.0?
Give an example that shows how to execute a stored procedure in ado.net?
What is the use of SqlCommand object?
What do you know about ado.net's methods?