Click here to Skip to main content
14,268,557 members

Article Writing

 
QuestionWeird Pin
Nelek28-Jul-19 6:32
protectorNelek28-Jul-19 6:32 
AnswerRe: Weird Pin
Wendelius28-Jul-19 20:29
mveWendelius28-Jul-19 20:29 
AnswerRe: Weird Pin
Sean Ewington29-Jul-19 3:31
staffSean Ewington29-Jul-19 3:31 
GeneralRe: Weird Pin
Nelek29-Jul-19 4:10
protectorNelek29-Jul-19 4:10 
QuestionCan't edit my article Pin
Akram El Assas27-Jul-19 4:40
memberAkram El Assas27-Jul-19 4:40 
QuestionFormatting Pin
Dr.Walt Fair, PE15-Jul-19 10:30
professionalDr.Walt Fair, PE15-Jul-19 10:30 
QuestionWhy?, My Article deleted Pin
hussam.it14-Jul-19 23:28
professionalhussam.it14-Jul-19 23:28 
AnswerRe: Why?, My Article deleted Pin
Richard Deeming15-Jul-19 7:46
mveRichard Deeming15-Jul-19 7:46 
I can't tell you why it was flagged for deletion, but I can have a pretty good guess: your code is vulnerable to SQL Injection[^].
Quote:
The Value property will be rendered to a pattern by adding the % character at the beginning and the end of it:
Database.Table.Name = "Customers"
Database.Table.AliasName = "cust"
With Database.Table.Query.Items
   .Add("cust.CustomerId")
   .Add("cust.ContactName")
   .Add("cust.City", "Lon", QItem.Types.WHERE_LIKE)
End With

The generated SQL Statement will be:
SELECT cust.CustomerId,cust.CompanyName,cust.ContactName,cust.City _
FROM dbo.Customers cust WHERE cust.City LIKE N'%Lon%';


NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]

I would be very surprised if Sean and others hadn't left you a message explaining this critical security vulnerability in your code before closing your article.

There's nothing stopping you from re-submitting the article once you've fixed the vulnerability.



"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer


modified 15-Jul-19 15:20pm.

GeneralRe: Why?, My Article deleted Pin
Nelek15-Jul-19 8:22
protectorNelek15-Jul-19 8:22 
GeneralRe: Why?, My Article deleted Pin
Richard Deeming15-Jul-19 9:20
mveRichard Deeming15-Jul-19 9:20 
GeneralRe: Why?, My Article deleted Pin
hussam.it16-Jul-19 6:40
professionalhussam.it16-Jul-19 6:40 
QuestionCodeProject URL Shortener Pin
Daniel Vaughan3-Jul-19 23:08
memberDaniel Vaughan3-Jul-19 23:08 
AnswerRe: CodeProject URL Shortener Pin
Nelek4-Jul-19 0:45
protectorNelek4-Jul-19 0:45 
QuestionMy article was deleted Pin
Shahzad Ujan3-Jul-19 19:11
professionalShahzad Ujan3-Jul-19 19:11 
QuestionWhere can I found section for POWERBI Pin
coded0071-Jul-19 7:06
professionalcoded0071-Jul-19 7:06 
AnswerRe: Where can I found section for POWERBI Pin
Sean Ewington2-Jul-19 4:43
staffSean Ewington2-Jul-19 4:43 
GeneralRe: Where can I found section for POWERBI Pin
coded0072-Jul-19 5:41
professionalcoded0072-Jul-19 5:41 
Questionblog needing help Pin
Nelek25-Jun-19 10:02
protectorNelek25-Jun-19 10:02 
QuestionMathJax wrong block delimeters Pin
Daniel Vaughan23-Jun-19 23:39
memberDaniel Vaughan23-Jun-19 23:39 
QuestionUnable to Edit Article Pin
Ehtesam Ahmed19-Jun-19 4:09
professionalEhtesam Ahmed19-Jun-19 4:09 
AnswerRe: Unable to Edit Article Pin
Sean Ewington19-Jun-19 8:44
staffSean Ewington19-Jun-19 8:44 
GeneralRe: Unable to Edit Article Pin
Ehtesam Ahmed19-Jun-19 21:44
professionalEhtesam Ahmed19-Jun-19 21:44 
QuestionNew Articles Pin
fluffy39-Jun-19 7:02
memberfluffy39-Jun-19 7:02 
AnswerRe: New Articles Pin
Richard MacCutchan9-Jun-19 21:54
protectorRichard MacCutchan9-Jun-19 21:54 
GeneralRe: New Articles Pin
jamieereynoldss9-Jun-19 23:55
memberjamieereynoldss9-Jun-19 23:55 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.