Search

Search

Best way to protect against SQL injection in SqlDataAdapter

Marek Published at Dev

29

Marek

Hello I'm wondering what is the best way to protect against SQL injection in SqlDataAdapter (as there is no way to use parameterized query)?

For example lets use this part of code:

da_services = new SqlDataAdapter("SELECT * from table WHERE column='" + textBox1.Text + "' AND column2='" + somestring + "'", conn);
scd_services = new SqlCommandBuilder(da_services);
dt_services = new DataTable();
da_services.Fill(dt_services);
dtg_services.DataSource = dt_services;
conn.Close();

Thank you for your time.

LarsTech

You can try accessing the SqlCommand object of the DataAdapter:

da_services = new SqlDataAdapter("SELECT * from table WHERE column=@column AND column2=@column2", conn);
da_services.SelectCommand.Parameters.AddWithValue("@column", textBox1.Text);
da_services.SelectCommand.Parameters.AddWithValue("@column2", somestring);

Collected from the Internet

Please contact [email protected] to delete if infringement.

edited at2021-02-3

0

Comments

0 comments

Login to comment

Related

From Dev

The best way to secure yourself against sql injection in nodejs

From Dev

Is String.sanitize, the best way to protect from SQL injection in rails or sinatra apps

From Dev

Does passing XML as a parameter protect me against SQL injection?

From Dev

Using column_names.include? to protect against SQL Injection?

From Dev

Rails - how to protect against sql injection for a postgres find_by_sql query?

From Dev

What's the best way to protect against 'unrecognized selector' for objects returned from NSDictionary

From Dev

Best practice to protect resources against reverse engineering

From Dev

PHP + SQL Script - Protect against SQL Inject

From Dev

Best way to prevent sql "injection" when using column as variable

From Dev

Protect select statement from sql injection

From Dev

What is the best way to protect a flask endpoint?

From Dev

Best way to password protect a dropbox file

From Dev

Effective protection function against SQL injection

From Dev

Simple PHP function safe against SQL injection?

From Dev

Is merging variables safe against SQL injection?

From Dev

Protecting against sql injection using activerecord

From Dev

How can I protect against cross-build injection and other dependancy management threats in Play Framework?

From Dev

How to protect against CSRF

From Dev

Protect Website Against Piracy

From Dev

Properly protect edit control from SQL injection and nonsense characters

From Dev

How can protect PostgREST from sql injection and other security issues?

From Dev

Best way to protect a REST Api without requiring user authentication

From Dev

Best way to protect javascript code from working with modified parameters array

From Dev

Is this a good way for SQL injection prevention

From Dev

Is this correct way to prevent SQL injection?

From Dev

Protect variables from injection

From Java

Do I have to guard against SQL injection if I used a dropdown?

From Dev

Mysqli login - Am i protected against Sql injection with this code?

From Dev

What's the correct way to protect against multiple sessions getting the same data?

Related Related

Article

HotTag

Archive