No announcements
Found 2738718 threads
-
1 VotesSQL Injection in LINQ Object Query
where condition dynamically as a SQL string but on other hand the query is parameterized. In this scenario, is SQL injection ...Unanswered | 3 Replies | 2763 Views | Created by venkyzealous - Sunday, November 30, 2014 2:29 PM | Last reply by darnold924 - Monday, December 1, 2014 1:48 AM
-
0 Votes
Implementing security at entity frame work
http://msdn.microsoft.com/en-us/library/cc716760.aspx> <copied> Although query composition is possible in LINQ to Entities, it isAnswered | 1 Replies | 1838 Views | Created by sujithu - Friday, November 4, 2011 7:20 AM | Last reply by darnold924 - Friday, November 4, 2011 12:25 PM -
0 Votes
LINQ to sql injection?
point there's no further tracing with reflector. I haven't looked at what Linq does. The source is so abstract, I fear my head would ...Answered | 10 Replies | 3034 Views | Created by Jeff - www.SRSoft.us - Thursday, May 8, 2008 7:03 PM | Last reply by ReneeC - Friday, May 9, 2008 3:18 AM -
1 Votes
EntityClient vs Object Services vs Linq to Entities
programmatically (but still in a safe way that doesn't allow sql injection or the like). Yes, there are three layers here, but ...Answered | 2 Replies | 6255 Views | Created by Russell G - Wednesday, August 1, 2007 1:02 PM | Last reply by simmdan - Wednesday, August 1, 2007 10:33 PM -
0 Votes
Linq to SQL : missed SQL injection
SQL injections are missed in code using Linq to SQL: static void Main(string[] args) { DataContext dc = new ...Answered | 1 Replies | 8329 Views | Created by p.b.a - Friday, May 1, 2009 8:02 PM | Last reply by degroves - Tuesday, May 5, 2009 3:28 PM -
0 Votes
SQL query in LINQ
Hi, I am new to LINQ and was wondering how I would write the following SQL query in ...Answered | 2 Replies | 3254 Views | Created by Lawrence 007 - Tuesday, December 11, 2007 12:23 PM | Last reply by Lawrence 007 - Tuesday, December 11, 2007 1:25 PM -
0 Votes
sql injection?
. Here's a quote from the top of the article: SQL injection is an attack in which malicious code is inserted into strings that are ...Answered | 1 Replies | 6022 Views | Created by pavankumarkavety - Friday, November 13, 2009 4:51 AM | Last reply by Kraig Brockschmidt [MSFT] - Sunday, November 15, 2009 9:06 PM -
0 Votes
SQL Injection
SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing andAnswered | 6 Replies | 4015 Views | Created by Brahma Reddy A - Saturday, August 27, 2011 6:54 AM | Last reply by Naomi N - Sunday, August 28, 2011 3:04 AM -
0 Votes
SQL Injection ?
mine was hit by an attacker which purchased an item, and then (using SQL injection) went in and marked the record as "paid".Answered | 1 Replies | 5415 Views | Created by vSubramaniam - Wednesday, January 2, 2008 6:37 PM | Last reply by Josh Poley - Thursday, January 3, 2008 12:04 AM -
2 Votes
SQL Injection
Use only parameterized stored procedure and avoid using dynamic sql and then you will not have to check for SQL InjectionBest Regards, Uri Dimant SQL ...Answered | 2 Replies | 4137 Views | Created by VijayKSQL - Friday, April 20, 2012 7:14 PM | Last reply by Uri Dimant - Sunday, April 22, 2012 7:31 AM -
0 Votes
SQL injection
SQL injection can be controlled by the string validations. If you don't useAnswered | 2 Replies | 5110 Views | Created by nKognito - Thursday, March 13, 2008 9:24 AM | Last reply by Manivannan.D.Sekaran - Thursday, March 13, 2008 9:29 AM -
0 Votes
SQL injection
Hi All What is Sql Injection? how its work ? can anyboby help 4 ...Answered | 1 Replies | 3359 Views | Created by Sajesh Kumar S P - Monday, October 22, 2007 2:51 PM | Last reply by ScubaSteve20001 - Monday, October 22, 2007 2:59 PM -
0 Votes
SQL Injection
Statements are the root cause for SQL Injection; so you should always use parameterize queries; see MSDN Using Parameters inAnswered | 1 Replies | 1909 Views | Created by Mayur-DEW - Wednesday, April 3, 2013 7:34 PM | Last reply by Olaf Helper - Wednesday, April 3, 2013 7:51 PM -
0 Votes
SQL Query in LINQ
Hi I am trying to build a SQL query that works 100% in SQL server in stored procedure for fetching records on dynamic criteria like it ...Answered | 6 Replies | 3896 Views | Created by Syed Emad - Monday, July 25, 2011 2:30 PM | Last reply by Crick3t - Wednesday, July 27, 2011 12:47 PM -
1 Votes
Invalid Object Name in simple LINQ query
I get the following exception on a simple LINQ query to the NorthWindCTP database as follows; [1] Unhandled Exception: System.Data.SqlClient.SqlException: Invalid ...Answered | 2 Replies | 9932 Views | Created by Shawnk - Monday, December 4, 2006 9:17 PM | Last reply by Shawnk - Thursday, December 7, 2006 1:52 PM -
0 Votes
SQL Injection
Dear all, Our system involved classic asp and sql server 2005 Recently, we found that some data was modified by some users and we found sql ...Answered | 1 Replies | 26851 Views | Created by winipcfg - Monday, November 9, 2009 7:34 AM | Last reply by Ashru - Monday, November 9, 2009 12:49 PM -
0 Votes
LINQ and SQL query
in gridview ? According to your description, it seems that the condition of LINQ and SQL statement are not the same, please modify your LINQ ...Answered | 5 Replies | 946 Views | Created by rebmaamberrebmaamber - Saturday, June 25, 2016 5:37 AM | Last reply by Zhanglong Wu - Monday, June 27, 2016 8:21 AM -
1 Votes
SQL Injection
First, sql generally uses single quotes as string delimiter. Second, I do think parameters are safe for sql injection if you use them directly in ...Answered | 3 Replies | 2254 Views | Created by Scott_Hanebutt - Wednesday, August 15, 2012 5:44 PM | Last reply by Alex Jean - Wednesday, August 15, 2012 6:29 PM -
0 Votes
SQL Injection
* from Customer where CustomerID Like '% " + name + "%' "; Now im replacing all ' quotes with 2 ' '. Is it still possible to do SQL Injection into ...Unanswered | 8 Replies | 2875 Views | Created by Jbr10ba - Tuesday, September 9, 2008 4:58 PM | Last reply by PaulLinton - Monday, January 21, 2013 7:42 AM -
0 Votes
SQL Injection
manipulating the query string etc,and giving the result like the database is vulnarable or not. I have got one called 'Absinthe' but not able to make it work. Can you help ...Answered | 6 Replies | 7788 Views | Created by Chetan D - Monday, January 15, 2007 9:12 AM | Last reply by Geert Verhoeven - Monday, January 15, 2007 11:10 AM - Items 1 to 20 of 2738718 Next ›
No announcements
