Tips and Tricks to prevent SQL Injection in .Net Code

added by DPalkar
6/2/2010 8:30:52 AM


There are many detailed articles available on the web on the topic of SQL injection, and hence I'll just try to keep it short and simple in this post. SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. This can allow an attacker to steal data as well as modify and delete it. Conventional security measures, like the use of SSL and IPsec, do not protect the application from SQL injection attacks.


6/8/2010 6:52:46 AM
These tips are so old, yet some developers are so young :)