nettiers

executing queries with datetime in WHERE clause

I use sql server 2008 R2 as a data store. Until now on the test machine I had the english version of the software and used to make queries formatting the datetime field as fromDate.ToString("MM/dd/yyyy"); now I have deployed the database on another server which is in the italian language. I shall change the format in my code to fro...

nettiers Utility.DetectSqlInjection flagging wrong words

We are using .nettiers as our DAL and also using the Utility.DetectSqlInjection for extra security. We hit an odd error today, Someone tried to enter "Executive" into a title textbox, and the Utility.DetectSqlInjection is saying this is an injection attack. It looks as thought it is seeing the "EXEC" command used to execute sql command...