[HELP]How to Prevent SQL Injection?

[backbutton123]

C# gamit ko Windows Form;

up ko lang mga sir: ganito po ba yung parametized query?

string query = "Select * from Accounts where Uname=@Uname and Pword = @Pass";
OleDbCommand cmd = new OleDbCommand(query,connection);
cmd.Connection = connection;
cmd.Parameters.AddWithValue("@User",Uname_Text.Tex t);
cmd.Parameters.AddWithValue("@Pass", Pword_Text.Text);

 

[dodgeme]

gamit ka ng parameterized query bro

 

[gie4]

Stored Procedure for MS SQL Server and Routine for MySQL

 

[tobeexiv]

C# gamit ko Windows For;

Gamit ka entity framework or dapper.net

 

[backbutton123]

ah sige mga boss salamat.

 

[backbutton123]

up ko lang mga sir: ganito po ba yung parametized query?

string query = "Select * from Accounts where Uname=@Uname and Pword = @Pass";
OleDbCommand cmd = new OleDbCommand(query,connection);
cmd.Connection = connection;
cmd.Parameters.AddWithValue("@User",Uname_Text.Text);
cmd.Parameters.AddWithValue("@Pass", Pword_Text.Text);

 

[maritesmacute]

up ko lang mga sir: ganito po ba yung parametized query?

string query = "Select * from Accounts where Uname=@Uname and Pword = @Pass";
OleDbCommand cmd = new OleDbCommand(query,connection);
cmd.Connection = connection;
cmd.Parameters.AddWithValue("@User",Uname_Text.Text);
cmd.Parameters.AddWithValue("@Pass", Pword_Text.Text);

oo ganyan nga.. tamayang ginagawa mo Very good! hehe

 

[backbutton123]

oo ganyan nga.. tamayang ginagawa mo Very good! hehe

NICE!! Salamat mga symb.

 

[paulai]

http://universe.somee.com cnu nkakalm sa inyu mga ka symbianize kng pno ko mahahack e2ng web nato.. laki lng kc ng atraso skn ng taong e2... pa help ser willing to pay