How to Protect a function from SQL Injection

Question

Every unsecured database can be affected by SQL injection. For many reasons a database can remain unsecured, even in a high-security environment, without the developer knowing. In this case, if I want to protect a single function specially from SQL injection, what can I do?

Hmmm, the example function can be something like this:

public static bool TruncateTable(string dbAlias, string tableName)
{
    string sqlStatement = string.Format("TRUNCATE TABLE {0}", tableName);
    return ExecuteNonQuery(dbAlias, sqlStatement) > 0;
}

Steve-baker 6 months 0 Answers 73 views Novice 0
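
A hardened form of the function in the question, as an added example that is not part of the original post. A table name cannot be passed as a SQL parameter, so the name is checked against a fixed allow-list and the statement is built from the allow-list's own spelling. Assumptions: SQL Server style bracket quoting, the table names in `AllowedTables` are constructed, and the `executeNonQuery` delegate stands in for the question's `ExecuteNonQuery` helper, which the post does not show.

```csharp
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;

public static class SafeTruncate
{
    // Assumption: the only tables this code may ever truncate (constructed names).
    private static readonly HashSet<string> AllowedTables =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "StagingOrders", "ImportBuffer" };

    // Defence in depth: a plain identifier of at most 128 characters.
    private static readonly Regex Identifier =
        new Regex(@"\A[A-Za-z_][A-Za-z0-9_]{0,127}\z");

    public static string BuildTruncateStatement(string tableName)
    {
        if (tableName == null || !Identifier.IsMatch(tableName))
            throw new ArgumentException("Not a plain identifier.", nameof(tableName));
        if (!AllowedTables.TryGetValue(tableName, out string canonical))
            throw new ArgumentException("Table is not on the allow-list.", nameof(tableName));
        // Build the statement from our own spelling of the name, never from the
        // caller's string, and bracket-quote it (a ']' inside would be doubled).
        return "TRUNCATE TABLE [" + canonical.Replace("]", "]]") + "]";
    }

    // executeNonQuery is a stand-in for the ExecuteNonQuery helper in the question.
    public static bool TruncateTable(string dbAlias, string tableName,
                                     Func<string, string, int> executeNonQuery)
    {
        string sqlStatement = BuildTruncateStatement(tableName);
        return executeNonQuery(dbAlias, sqlStatement) > 0;
    }

    public static void Main()
    {
        // Constructed inputs: two accepted names, one unknown table, one injection attempt.
        string[] inputs = { "StagingOrders", "importbuffer", "Customers",
                            "StagingOrders; DROP TABLE Customers" };
        foreach (string input in inputs)
        {
            try { Console.WriteLine("OK      " + BuildTruncateStatement(input)); }
            catch (ArgumentException) { Console.WriteLine("REJECT  " + input); }
        }
    }
}
```

Running the database account with only the permissions needed on the allow-listed tables limits the damage if a check like this is ever bypassed.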
