V
VB Programmer
Using ASP.NET 2.0/SQL Express....
In places where I allow data input by users (sign up forms, comments,
etc...) do I need to manually safeguard my site against vicious attacks (SQL
injection, etc...)? Should I just run all input thru a filter that removes
all special characters, like asterick, semicolon, etc...? Or, is this
handled internally so I don't have to worry about it? Any suggestions?
Thanks.
In places where I allow data input by users (sign up forms, comments,
etc...) do I need to manually safeguard my site against vicious attacks (SQL
injection, etc...)? Should I just run all input thru a filter that removes
all special characters, like asterick, semicolon, etc...? Or, is this
handled internally so I don't have to worry about it? Any suggestions?
Thanks.