Skip to main content


Showing posts with the label SQL Injection

Understanding SQL Injection and Creating SQL Injection Proof ASP.NET Applications

As ASP.NET developers, we often write dynamic SQL to perform some database operations. These dynamic SQL is some cases might be created by concatenating strings with user input. If we are not validating the user input and taking every input as is, then this kind of scenario poses a very serious problem of SQL injection.

SQL injection is the attack in which the user of the website will input some SQL code as input which would result in creating a SQL statement that developers didn't intend to write. These SQL statements could result in unauthorized access, revealing secret user information and sometimes it could even wipe out the entire data lying on the server.

✔

I guess you came to this post by searching similar kind of issues in any of the search engine and hope that this resolved your problem. If you find this tips useful, just drop a line below and share the link to others and who knows they might find it useful too.

Stay tuned to my blogtwitter or facebook to read …