Proper way to instantiate a class

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

Proper way to instantiate a class

Message

19/12/2005 13:04:11

Rod Paddock
Dash Point Software, Inc.
Gig Harbor, Washington, États-Unis

19/12/2005 12:35:32

Michel Fournier
Level Extreme Inc.
Petit-Rocher, Nouveau-Brunswick, Canada

Information générale

Forum:

ASP.NET

Catégorie:

Conception classe

Titre:

Re: Proper way to instantiate a class

Divers

Thread ID:

01079105

Message ID:

01079249

Vues:

With SQL server (if that is the database in question) somone could inject extra SQL statements where you concatenate your SQL string...

SQL server can process multiple sql statements in a batch. For instance they could enter SELECT * from users or some other statement in the username property you are using and SQL will run another query.

Here's a more detailed article on SQL injection

http://www.4guysfromrolla.com/webtech/061902-1.shtml

You can also google "SQL injection" to find a number of articles on the subject.

Rodman

Rod Paddock
Editor in Chief CoDe Magazine
President Dash Point Software, Inc.
VP Red Matrix Technologies,Inc.

Répondre

Fil

Voir

Click here to load this message in the networking platform