R
RA
If I get the user info from an aso.net, and based on that execute some query
against the database, how can I avoid issues like this one:
Client entered in user name text box the following: "new;delect from users"
On server side I have:
sql = "select * from users where username = " + txtUser.Text;
Thanks,
Ronen
against the database, how can I avoid issues like this one:
Client entered in user name text box the following: "new;delect from users"
On server side I have:
sql = "select * from users where username = " + txtUser.Text;
Thanks,
Ronen