S
Stelios Skiathitis
Having con as an open connection I try to execute the following code
Dim strSQL_NewSender As String
Dim cmdInsert As SqlCommand
Dim intRecIns As Integer
strSQL_NewSender = "INSERT INTO SENDERS (SndName, SndEmail) VALUES
(@SenderName, @SenderEmail)"
cmdInsert = New SqlCommand(strSQL_NewSender, con)
cmdInsert.Parameters.Add("@SenderName", txtSndName.Text)
cmdInsert.Parameters.Add("@SenderEmail", txtSndEmail.Text)
Response.Write(cmdInsert.commandText)
intRecIns = cmdInsert.ExecuteNonQuery()
con.Close()
Unfortunately when in the TextBox txtSndName I enter greek characters in the
sql server table (SENDERS)
a blank value is stored. When i use english characters it is stored
successfuly.
The database collation is greek_ci_ai and I'm using
windows-1253 (greek) encoding in the aspx script.
I must note that the above script is executed within a control ascx file.
the control called from an aspx file which has the windows-1253 encoding.
How can I fix this vulnerability?
Dim strSQL_NewSender As String
Dim cmdInsert As SqlCommand
Dim intRecIns As Integer
strSQL_NewSender = "INSERT INTO SENDERS (SndName, SndEmail) VALUES
(@SenderName, @SenderEmail)"
cmdInsert = New SqlCommand(strSQL_NewSender, con)
cmdInsert.Parameters.Add("@SenderName", txtSndName.Text)
cmdInsert.Parameters.Add("@SenderEmail", txtSndEmail.Text)
Response.Write(cmdInsert.commandText)
intRecIns = cmdInsert.ExecuteNonQuery()
con.Close()
Unfortunately when in the TextBox txtSndName I enter greek characters in the
sql server table (SENDERS)
a blank value is stored. When i use english characters it is stored
successfuly.
The database collation is greek_ci_ai and I'm using
windows-1253 (greek) encoding in the aspx script.
I must note that the above script is executed within a control ascx file.
the control called from an aspx file which has the windows-1253 encoding.
How can I fix this vulnerability?