I'd like to enable the user to apply a custom filter to a System.Data.DataTable.
At the moment I have a very simple function like this:
Dim result = dataTable.Select(txtUserInput.Text)
With the filtered results I'd like to do further operations (e.g. Database Update/Delete).
Is SQL injection protection needed, or is the "Select" function secure?
Thank you
//Edit:
The main question is: Can the "Select" function be abused to manipulate any data in the DataTable, execute code, …? If the only danger is that this function can return too much/too little data, there is no problem. But if the data in the DataSet gets corrupted, it's a real problem.
You don’t need protection in that instance – DataTable.Select is applying a filter to the DataRows held in-memory within that DataTable, it’s not actually connecting to/executing anything against the database.
You would need protection if you were taking that user input and building it into a SQL statement you then execute against the db to e.g. initially fill the DataTable. In that case, best thing is to parameterise the statement.
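As an added illustration of the distinction the answer draws (not code from the question or the answer): a constructed in-memory table is filtered with DataTable.Select, next to a parameterised SqlCommand for the database side. It assumes System.Data.SqlClient and a hypothetical Customers table with Id and Name columns.

```vb
Imports System
Imports System.Data
Imports System.Data.SqlClient

Module FilterDemo
    ' Constructed in-memory table standing in for the question's dataTable.
    Private Function BuildTable() As DataTable
        Dim t As New DataTable("Customers")
        t.Columns.Add("Id", GetType(Integer))
        t.Columns.Add("Name", GetType(String))
        t.Rows.Add(1, "Alice")
        t.Rows.Add(2, "Bob")
        Return t
    End Function

    ' In-memory filter: the expression is parsed by DataTable's own
    ' expression evaluator and never reaches the database. An expression
    ' it cannot evaluate throws (SyntaxErrorException / EvaluateException,
    ' both InvalidExpressionException), so catch it and fail closed.
    Public Function FilterRows(table As DataTable, userInput As String) As DataRow()
        Try
            Return table.Select(userInput)
        Catch ex As InvalidExpressionException
            Return New DataRow() {}
        End Try
    End Function

    ' Database side: the same user text must NOT be concatenated into SQL.
    ' Unsafe (do not use):  "SELECT ... WHERE Name = '" & userInput & "'"
    ' Safe: the value travels as a parameter, separate from the statement text.
    Public Function BuildLookupCommand(conn As SqlConnection, name As String) As SqlCommand
        Dim cmd As New SqlCommand("SELECT Id, Name FROM Customers WHERE Name = @name", conn)
        cmd.Parameters.Add("@name", SqlDbType.NVarChar, 100).Value = name
        Return cmd
    End Function

    Sub Main()
        Dim table = BuildTable()
        ' A well-formed filter narrows the in-memory rows.
        Console.WriteLine(FilterRows(table, "Name = 'Alice'").Length)
        ' A tautology widens the result set but modifies nothing in the table.
        Console.WriteLine(FilterRows(table, "Name = 'x' OR 1=1").Length)
        ' SQL statements are not filter expressions; the parser rejects them.
        Console.WriteLine(FilterRows(table, "DROP TABLE Customers").Length)
    End Sub
End Module
```

The worst a filter expression can do here is return the wrong rows; whether that matters depends on what the code then does with them against the database, which is where the parameterised command applies.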