Interested to Buy Any Domain ? << Click Here >> for more details...
Answer Posted / srikant dwibedi
SQL Injection is he process of passing SQL code into an
application in a way that was not intended by the
application developer or it is a strategy for attacking
databases.
Example
An ASP page asks the user for a name and a password.
SELECT FROM users WHERE username="whatever" AND
password="mypassword".
It seems safe,but it is not. A user might enter somthing
like this 'OR 1>0....
when this is plugged into the SQL statewments the result
looks like this:
SELECT FROM users WHERE username="OR 1>0 " AND
password=" ";
This injectin comments out of the password portion of the
statement. It results in a list of all the names in the
users table. So any user could get into your system.
| Is This Answer Correct ? | 3 Yes | 2 No |
Post New Answer View All Answers
What is maximum pool size in ado.net connection string?
What is ado.net in mvc?
What is partial class?
What are the main differences between classic ado and ado.net?
What is ado in agriculture?
Explain ODP.net
Which database is the ado.net sql connection object designed for?
What property must be set and what method must be called in your code to bind the data from some data source to the Repeater control?
describe the dataset object in ado.net.
What is variable view?
What is the use of adodc?
How can we serialize the dataset object?
What is datatable in ado.net?
How to maintain the relation between two tables in ADO.NET?
What are the ado.net objects?
