Home/ Questions/Q 505729
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T06:37:42+00:00

how to prevent security leaks in my own created form which data I write

  • 0

how to prevent security leaks in my own created form which data I write into my db?

Basicly I thought to replace the dangerous chars (”,””,~,….)… but I don’t know how to do that in a clean way for each formular element ( more than 20)…

I don’t know if asp.net provides an easy thing for that.? Ok the validators I do already some validation but at least I like to remove all all the dangerous and exotic chars.

I don’t like to make a replace function for each textbox in my formular… Hope there is an other solution which works for all simple and properly.

thank you

EDIT: OK. I do the insert with a function of the API of the CMS Kentico. So of course it’s paremeterized there.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You should to use parametrized queries; this way your user can’t inject SQL.

    SqlCommand command = new SqlCommand(
    "SELECT * FROM Table WHERE ID=@Id", connection);
command.Parameters.AddWithValue("@Id", 1);
    • 0