E
Eugene Anthony
How do I secure the code bellow from possible sql injection?
SqlConnection cnn2 = new
SqlConnection(ConfigurationManager.ConnectionStrings["myConnection"].Con
nectionString);
SqlCommand myCommand2 = new SqlCommand();
myCommand2.Connection = cnn2;
myCommand2.CommandText = "INSERT Authentication (email,
firstname,lastname,password,country,postalcode,dob,Gender,type)
VALUES('" + email + "','" + firstname + "','" + lastname + "','" +
password + "','" + country + "'," + int.Parse(postalcode) + "," + dob +
",'" + gender + "','user')";
SqlDataAdapter myAdapter2 = new SqlDataAdapter(myCommand2);
DataSet ds2 = new DataSet();
myAdapter2.Fill(ds2, "Authentication");
Please note that im using ms sql 7 along with asp.net 2.0 with C#.
Eugene Anthony
SqlConnection cnn2 = new
SqlConnection(ConfigurationManager.ConnectionStrings["myConnection"].Con
nectionString);
SqlCommand myCommand2 = new SqlCommand();
myCommand2.Connection = cnn2;
myCommand2.CommandText = "INSERT Authentication (email,
firstname,lastname,password,country,postalcode,dob,Gender,type)
VALUES('" + email + "','" + firstname + "','" + lastname + "','" +
password + "','" + country + "'," + int.Parse(postalcode) + "," + dob +
",'" + gender + "','user')";
SqlDataAdapter myAdapter2 = new SqlDataAdapter(myCommand2);
DataSet ds2 = new DataSet();
myAdapter2.Fill(ds2, "Authentication");
Please note that im using ms sql 7 along with asp.net 2.0 with C#.
Eugene Anthony