PC world
How can MS's own website fall for a SQL Injection Attack?
Looks like MS did not follow its own rules when it comes to SQL Injections.
-
SecretSoftware
Code to live, but Live to code.
-
Chadk
excuse me - do you has a flavor?
Well. I did expect that a programmer working at microsoft would know how to protect against a SQL injection
-
SecretSoftware
Code to live, but Live to code.
Chadk wrote:
Well. I did expect that a programmer working at microsoft would know how to protect against a SQL injection
I dont know if LINQ will help here.
So long as input is not checked its going to be a problem.
What is the solution to SQL injections?
-
Chadk
excuse me - do you has a flavor?
SecretSoftware wrote:
Chadk wrote:
Well. I did expect that a programmer working at microsoft would know how to protect against a SQL injection
I dont know if LINQ will help here.
So long as input is not checked its going to be a problem.
What is the solution to SQL injections?
SQL Parameters -
Chadk wrote:
Exactly. I can't believe in this day and age people are still using string concatenation.
-
Chadk wrote:
Well. I did expect that a programmer working at microsoft would know how to protect against a SQL injection
Sounds to me as if the programmer was either inexperienced, lazy or both...
Thread Closed
This thread is kinda stale and has been closed but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.