DataTable.Select injection

views:

answers:

DataTable.Select injection

Is there possible to use sql-injection code while invoking DataTable.Select? How can I restrict such vulnerability or get rid of it at all?

Even though I don't know the DataTable.Select-Statement, I would say:

If there is a possibility of an SQL injection always depends on, whether there is user-generated input involved in what you pass to DataTable.Select.

If there is you have to make sure to escape it properly, or in case of integer values, its also fine to make sure, they are of integer type and don't contain text.

JochenJung 2010-07-02 23:39:56

related questions

Subsonic Vs NHibernate

How to check For File Lock in C# ?

Is nAnt still supported and suitable for .net 3.5/VS2008?

Limit size of Queue<T> in .NET?

Viewstate invalid when using Safari

Free OCR library

Unhandled Exception Handler in .NET 1.1

Localising date format descriptors

Get a new object instance from a Type in C#

VFP .NET OLEdb provider does not work in Win 64-Bits. Help

.NET Testing Framework Advice

Embedded Database for .net that can run off a network

Automatically update version number

Homegrown consumption of web services

How do you migrate a large app from VB6 to VB .net ?

.NET Migrations Engine

Adding Scripting functionality to .NET applications

SQLite and XSD

Floating Point Number parsing: Is there a Catch All algorithm?

How do I programmatically create a PDF in my .NET application?

How do I sync the SVN revision number with my ASP.NET web site?

XSD DataSets and ignoring foreign keys

Anatomy of a "Memory Leak"

Reliable Timer in a Console Application

How do I calculate relative time?

ansaurus

tags:

views:

answers:

DataTable.Select injection

related questions