Click here to Skip to main content
14,456,102 members
   

C#

 
AnswerMessage Closed Pin
21-Feb-20 0:14
MemberMember 1475132521-Feb-20 0:14 
QuestionDifferent value from input Pin
chipp_zanuff14-Feb-20 7:15
Memberchipp_zanuff14-Feb-20 7:15 
AnswerRe: Different value from input Pin
OriginalGriff14-Feb-20 7:32
communityengineerOriginalGriff14-Feb-20 7:32 
GeneralRe: Different value from input Pin
chipp_zanuff14-Feb-20 18:48
Memberchipp_zanuff14-Feb-20 18:48 
GeneralRe: Different value from input Pin
OriginalGriff14-Feb-20 21:21
communityengineerOriginalGriff14-Feb-20 21:21 
AnswerRe: Different value from input Pin
Eddy Vluggen14-Feb-20 7:35
professionalEddy Vluggen14-Feb-20 7:35 
Questionauto fill data by using 3 layer in aso.net c# Pin
Member 1474357913-Feb-20 23:47
MemberMember 1474357913-Feb-20 23:47 
AnswerRe: auto fill data by using 3 layer in aso.net c# Pin
OriginalGriff14-Feb-20 0:39
communityengineerOriginalGriff14-Feb-20 0:39 
Look, it really doesn't matter where you post this: as long as you are not listening to us, you will still be vulnerable to sQL injection.

So I'll say it for the third time in two days:

Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Always use Parameterized queries instead.

When you concatenate strings, you cause problems because SQL receives commands like:
SELECT * FROM MyTable WHERE StreetAddress = 'Baker's Wood'
The quote the user added terminates the string as far as SQL is concerned and you get problems. But it could be worse. If I come along and type this instead: "x';DROP TABLE MyTable;--" Then SQL receives a very different command:
SELECT * FROM MyTable WHERE StreetAddress = 'x';DROP TABLE MyTable;--'
Which SQL sees as three separate commands:
SELECT * FROM MyTable WHERE StreetAddress = 'x';
A perfectly valid SELECT
DROP TABLE MyTable;
A perfectly valid "delete the table" command
--'
And everything else is a comment.
So it does: selects any matching rows, deletes the table from the DB, and ignores anything else.

So ALWAYS use parameterized queries! Or be prepared to restore your DB from backup frequently. You do take backups regularly, don't you?

If you don't listen to what we tell you, there really isn't any point in talking to you ...
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
AntiTwitter: @DalekDave is now a follower!

QuestionWhat is the correct way to do Business Validation on entities? Pin
Bastien Vandamme11-Feb-20 16:00
MemberBastien Vandamme11-Feb-20 16:00 
AnswerRe: What is the correct way to do Business Validation on entities? Pin
Gerry Schmitz11-Feb-20 20:48
mveGerry Schmitz11-Feb-20 20:48 
GeneralRe: What is the correct way to do Business Validation on entities? Pin
Richard Deeming12-Feb-20 0:47
communityengineerRichard Deeming12-Feb-20 0:47 
GeneralRe: What is the correct way to do Business Validation on entities? Pin
Gerry Schmitz12-Feb-20 3:16
mveGerry Schmitz12-Feb-20 3:16 
GeneralRe: What is the correct way to do Business Validation on entities? Pin
Richard Deeming12-Feb-20 3:30
communityengineerRichard Deeming12-Feb-20 3:30 
GeneralRe: What is the correct way to do Business Validation on entities? Pin
Gerry Schmitz12-Feb-20 3:42
mveGerry Schmitz12-Feb-20 3:42 
GeneralRe: What is the correct way to do Business Validation on entities? Pin
Richard Deeming12-Feb-20 3:52
communityengineerRichard Deeming12-Feb-20 3:52 
GeneralRe: What is the correct way to do Business Validation on entities? Pin
phil.o12-Feb-20 3:56
mvephil.o12-Feb-20 3:56 
GeneralRe: What is the correct way to do Business Validation on entities? Pin
Gerry Schmitz12-Feb-20 4:06
mveGerry Schmitz12-Feb-20 4:06 
AnswerRe: What is the correct way to do Business Validation on entities? Pin
Richard Deeming12-Feb-20 1:03
communityengineerRichard Deeming12-Feb-20 1:03 
QuestionHow do create a class property that is a collection of the same class? Pin
Member 1474182311-Feb-20 9:04
MemberMember 1474182311-Feb-20 9:04 
AnswerRe: How do create a class property that is a collection of the same class? Pin
Richard Deeming11-Feb-20 9:46
communityengineerRichard Deeming11-Feb-20 9:46 
GeneralRe: How do create a class property that is a collection of the same class? Pin
Dave Kreskowiak11-Feb-20 10:02
mveDave Kreskowiak11-Feb-20 10:02 
GeneralRe: How do create a class property that is a collection of the same class? Pin
Member 1474182312-Feb-20 1:04
MemberMember 1474182312-Feb-20 1:04 
GeneralRe: How do create a class property that is a collection of the same class? Pin
Richard Deeming12-Feb-20 1:15
communityengineerRichard Deeming12-Feb-20 1:15 
AnswerRe: How do create a class property that is a collection of the same class? Pin
Gerry Schmitz11-Feb-20 15:14
mveGerry Schmitz11-Feb-20 15:14 
AnswerRe: How do create a class property that is a collection of the same class? Pin
Member 1474182312-Feb-20 1:51
MemberMember 1474182312-Feb-20 1:51 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.