Geek Answers Handbook

Deny SQL injection in text fields with free response in classic ASP

I have free-answer text fields, and I'm not sure how to clear them to prevent SQL injection. Any ideas?

+5
source share
2 answers

Create a parameterized query instead of combining user input into the query.

Here's how to do it in classic asp: http://blog.binarybooyah.com/blog/post/Classic-ASP-data-access-using-parameterized-SQL.aspx

, , 100% SQL-, - sql, , . . , . , , - , , . - , db.

+16

procedure.

: . , sql sp , , SQL-, (- , ):

http://asktom.oracle.com/pls/asktom/f?p=100:11:0::::P11_QUESTION_ID:23863706595353

sql, ( sql Oracle - sql Pro * C/PLSQL!). " sql, . - - . SQL - , . .

0

More articles:


All Articles