Click here to Skip to main content
14,667,494 members
Home » Discussions » ASP.NET
   

ASP.NET

 
GeneralRe: Net Core API question Pin
pkfox22-May-20 7:05
professionalpkfox22-May-20 7:05 
QuestionHow do I multiple group in Active Directory ? Pin
ugurarslanm19-May-20 4:58
Memberugurarslanm19-May-20 4:58 
QuestionHow to invoke POST method by adding [FromBody] attribute in Postman tool Pin
meeram3917-May-20 23:33
professionalmeeram3917-May-20 23:33 
AnswerRe: How to invoke POST method by adding [FromBody] attribute in Postman tool Pin
Richard Deeming18-May-20 1:12
mveRichard Deeming18-May-20 1:12 
GeneralRe: How to invoke POST method by adding [FromBody] attribute in Postman tool Pin
meeram3918-May-20 1:19
professionalmeeram3918-May-20 1:19 
GeneralRe: How to invoke POST method by adding [FromBody] attribute in Postman tool Pin
Stefanie Eberhardt19-May-20 4:29
MemberStefanie Eberhardt19-May-20 4:29 
QuestionAPI fail to use PUT method Pin
feelblue8717-May-20 22:42
Memberfeelblue8717-May-20 22:42 
AnswerRe: API fail to use PUT method Pin
Richard Deeming18-May-20 1:06
mveRichard Deeming18-May-20 1:06 
feelblue87 wrote:
Request Method: GET
You've issued a GET request instead of a PUT request. The error is with your code to call the API, which you haven't shown.

feelblue87 wrote:
string SQLCommand = "UPDATE [dbo].[M_EMP_MASTER] ";
SQLCommand = SQLCommand + "SET ";
SQLCommand = SQLCommand + "[EMP_GENDER] = '" + TempValue + "' ";
SQLCommand = SQLCommand + "WHERE [EMP_CODE] = '" + _EmpCode + "'";
Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]

[HttpPut]
[Route("api/PutEmployeeGenderEmpCode/{_EmpCode}")]
public void PutEmployeeGenderEmpCode(string _EmpCode)
{
    const string SQLCommand = "UPDATE [dbo].[M_EMP_MASTER] SET [EMP_GENDER] = @EmpGender WHERE [EMP_CODE] = @EmpCode";
    
    string TempValue = "1";
    
    using (var conn = new SqlConnection(ConnectionString))
    using (var cmd2 = new SqlCommand(SQLCommand, conn))
    {
        cmd2.Parameters.AddWithValue("@EmpGender", TempValue);
        cmd2.Parameters.AddWithValue("@EmpCode", _EmpCode);
        
        CheckConnectionStatus(conn);
        
        conn.Open();
        cmd2.ExecuteNonQuery();
    }
}




"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer

Questionasp.net Pin
lankaudaranga16-May-20 22:01
Memberlankaudaranga16-May-20 22:01 
AnswerRe: asp.net Pin
Mycroft Holmes17-May-20 12:14
professionalMycroft Holmes17-May-20 12:14 
Questiondévelopper et utiliser le web service Pin
Member 1483395815-May-20 21:27
MemberMember 1483395815-May-20 21:27 
Questiondévelopper et utiliser le web service Pin
Member 1483395815-May-20 21:27
MemberMember 1483395815-May-20 21:27 
Questioninsert data into list from form and Pin
Member 1322055210-May-20 23:41
MemberMember 1322055210-May-20 23:41 
Rant[REPOST] insert data into list from form and Pin
Richard Deeming11-May-20 3:18
mveRichard Deeming11-May-20 3:18 
QuestionIServiceCollection / DependencyInjection issue Pin
Super Lloyd7-May-20 20:39
MemberSuper Lloyd7-May-20 20:39 
AnswerRe: IServiceCollection / DependencyInjection issue Pin
Richard Deeming10-May-20 22:01
mveRichard Deeming10-May-20 22:01 
GeneralRe: IServiceCollection / DependencyInjection issue Pin
Super Lloyd11-May-20 19:19
MemberSuper Lloyd11-May-20 19:19 
QuestionSet route in net core api Pin
pkfox5-May-20 7:20
professionalpkfox5-May-20 7:20 
AnswerRe: Set route in net core api Pin
Richard Deeming5-May-20 8:41
mveRichard Deeming5-May-20 8:41 
GeneralRe: Set route in net core api Pin
pkfox5-May-20 10:06
professionalpkfox5-May-20 10:06 
AnswerRe: Set route in net core api Pin
jkirkerx7-May-20 8:58
professionaljkirkerx7-May-20 8:58 
GeneralRe: Set route in net core api Pin
pkfox13-May-20 1:07
professionalpkfox13-May-20 1:07 
GeneralRe: Set route in net core api Pin
jkirkerx13-May-20 5:27
professionaljkirkerx13-May-20 5:27 
QuestionSecuring a Web Project Using ASP.Net Pin
MadDashCoder30-Apr-20 20:01
MemberMadDashCoder30-Apr-20 20:01 
AnswerRe: Securing a Web Project Using ASP.Net Pin
Richard MacCutchan30-Apr-20 21:37
mveRichard MacCutchan30-Apr-20 21:37 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.