Preventing SQL Injection in ADO.NET

K C R

Rate me:

4.57/5 (4 votes)

12 Nov 2012CPOL4 min read

39.5K

233

This article is to help beginners understand what is SQL injection and how to prevent it

SampleHacking.zip
- SampleHacking
  - SampleHacking.sln
  - SampleHacking.suo
  - SampleHacking
    - Account
      - ChangePassword.aspx
      - ChangePassword.aspx.cs
      - ChangePassword.aspx.designer.cs
      - ChangePasswordSuccess.aspx
      - ChangePasswordSuccess.aspx.cs
      - ChangePasswordSuccess.aspx.designer.cs
      - Login.aspx
      - Login.aspx.cs
      - Login.aspx.designer.cs
      - Register.aspx
      - Register.aspx.cs
      - Register.aspx.designer.cs
      - Web.config
    - App_Data
      - UserDetails.mdf
      - UserDetails_log.LDF
    - bin
      - SampleHacking.dll
      - SampleHacking.pdb
    - Default.aspx
    - Default.aspx.cs
    - Default.aspx.designer.cs
    - Global.asax
    - Global.asax.cs
    - obj
      - Debug
        
        DesignTimeResolveAssemblyReferencesInput.cache
        
        SampleHacking.csproj.FileListAbsolute.txt
        
        SampleHacking.csprojResolveAssemblyReference.cache
        
        SampleHacking.dll
        
        SampleHacking.pdb
        
        TempPE
        
        UserDetailsDataSet.Designer.cs.dll
    - Properties
      - AssemblyInfo.cs
    - Redirected.aspx
    - Redirected.aspx.cs
    - Redirected.aspx.designer.cs
    - SampleHacking.csproj
    - SampleHacking.csproj.user
    - Scripts
      - jquery-1.4.1.js
      - jquery-1.4.1.min.js
      - jquery-1.4.1-vsdoc.js
    - SignUp.aspx
    - SignUp.aspx.cs
    - SignUp.aspx.designer.cs
    - Site.Master
    - Site.Master.cs
    - Site.Master.designer.cs
    - Styles
      - Site.css
    - UserDetailsDataSet.Designer.cs
    - UserDetailsDataSet.xsc
    - UserDetailsDataSet.xsd
    - UserDetailsDataSet.xss
    - Web.config
    - Web.Debug.config
    - Web.Release.config
  - SqlInjection Cheat Sheet.txt
SampleHacking-noexe.zip
- SampleHacking.sln
- SampleHacking.suo
- ChangePassword.aspx
- ChangePassword.aspx.cs
- ChangePassword.aspx.designer.cs
- ChangePasswordSuccess.aspx
- ChangePasswordSuccess.aspx.cs
- ChangePasswordSuccess.aspx.designer.cs
- Login.aspx
- Login.aspx.cs
- Login.aspx.designer.cs
- Register.aspx
- Register.aspx.cs
- Register.aspx.designer.cs
- Web.config
- UserDetails.mdf
- UserDetails_log.LDF
- Default.aspx
- Default.aspx.cs
- Default.aspx.designer.cs
- Global.asax
- Global.asax.cs
- SampleHacking.csproj.FileListAbsolute.txt
- AssemblyInfo.cs
- Redirected.aspx
- Redirected.aspx.cs
- Redirected.aspx.designer.cs
- SampleHacking.csproj
- SampleHacking.csproj.user
- jquery-1.4.1.js
- jquery-1.4.1.min.js
- jquery-1.4.1-vsdoc.js
- SignUp.aspx
- SignUp.aspx.cs
- SignUp.aspx.designer.cs
- Site.Master
- Site.Master.cs
- Site.Master.designer.cs
- Site.css
- UserDetailsDataSet.Designer.cs
- UserDetailsDataSet.xsc
- UserDetailsDataSet.xsd
- UserDetailsDataSet.xss
- Web.config
- Web.Debug.config
- Web.Release.config
- SqlInjection Cheat Sheet.txt

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace SampleHacking
{
    public partial class Redirected : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            label.Text = "Welcome to our website "+" "+(string)Session["user"];
        }
    }
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Written By

K C R

Software Developer (Junior) Aspire Systems

India

Just Started Software development( kind of a kiddo for most software giants here)... Exploring a lot in .NET technology..Want to be a future geek.. so here Smile | :)

Preventing SQL Injection in ADO.NET

License

Comments and Discussions