Is Nhibernate Vulnerable to SQL Injection?

views:

145

answers:

+5 Q:

Is Nhibernate Vulnerable to SQL Injection?

Just wanted to know if there is a big chance to inject SQL While using nhibernate?

+7 A:

If you're using the criteria generators then no. nHibernate is aware of the .Net types and is consequently able to handle all escaping for you when generating queries.

Unparameterized HQL is vulnerable however.

Spencer Ruport 2009-09-01 04:11:00

related questions

Backup SQL Schema Only?

Sql to query a dbs scheme

Timer-based event triggers

Sql query, count and group by

Paging SQL Server 2005 Results

SQL 2005 For XML Explicit - Need help formatting

How do I use T-SQL Group By

What all do I need to escape when sending a (My)SQL query?

Split String in SQL

Datatable vs Dataset

ASP.NET MVC "CRUD" Database Sample

Convert HashBytes to VarChar

Best Book for a new Database Developer

What is the best way to avoid SQL injection attacks?

What language do you use for Postgresql triggers and stored procedures?

What is the best way to handle multiple permission types?

How do I index a database field

Swap unique indexed column values in database.

cx_Oracle - what is the best way to iterate over a result set?

cx_Oracle - How do I access Oracle from Python?

Is there a version control system for database structure changes?

How to export data from SQL Server 2005 to MySQL

ASP.NET Site Maps

Decoding T-SQL CAST in C#/VB.net

Flat File Databases in PHP

ansaurus

tags:

views:

answers:

Is Nhibernate Vulnerable to SQL Injection?

related questions