.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal

Home >> Forum >> ASP.Net >> Post New QuestionBookmark and Share Subscribe to Forum

ASP.NET - SQL injection and HTML injection

Posted By: Sruthi Keerthi     Posted Date: September 18, 2009    Points:2   Category :ASP.Net
Would you please let me know how to prevent SQL injection and HTML injection on an ASP.NET website?

Would you please also provide a reference document or web references (If needed).

Thanks and Regards..
Shruthi Keerthi.

Author: Rahul             
Posted Date: September 18, 2009     Points: 5   


SQL injection is all about how you are building you sqlquery and querying the data from database.

SQL injection is a trick to inject SQL query/command as an input possibly via web pages. Many web pages take parameters from web user, and make SQL query to the database. Take for instance when a user login, web page that user name and password and make SQL query to the database to check if a user has valid name and password. With SQL Injection, it is possible for us to send crafted user name and/or password field that will change the SQL query and thus grant us something else.

Check out this articles about SQL injection and help you to build you SQL query and also how to handle SQL Injection.


Post Reply

You must Sign In To post reply
Find more Forum Questions on C#, ASP.Net, Vb.Net, SQL Server and more Here
Quick Links For Forum Categories:
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  OOPs  SilverlightIISJQuery

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend