I have re-written my code after great help from some friendly Stack Overflow members (big thanks to Martin B and Kev Chadders especially). I would now like to check if my code is still open to SQL injection after this work. I believe the code is now working as it should, but any blinding errors that you see I’d love to hear about too. My code is now looking like:
-code removed-
It seems you are safe from SQL injection attacks, but code like this:
and:
could leave you open for other forms of attack such as XSS. You should set the text element of an ASP.NET control, not directly write to the page.
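
An added example, not part of the original thread, showing that which control you assign to matters for encoding: in Web Forms, `Label.Text` is rendered unchanged, while an explicit `HttpUtility.HtmlEncode` call or a `Literal` with `Mode = LiteralMode.Encode` encodes the value. The `Render` helper and the sample input are constructed for illustration, and the code assumes .NET Framework with a reference to System.Web.

```csharp
using System;
using System.IO;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

static class OutputEncodingDemo
{
    // Hypothetical helper: renders a single control to a string, outside a page.
    static string Render(Control control)
    {
        using (var sw = new StringWriter())
        using (var writer = new HtmlTextWriter(sw))
        {
            control.RenderControl(writer);
            return sw.ToString();
        }
    }

    static void Main()
    {
        // Constructed sample standing in for a value read from the database or request.
        string untrusted = "<script>alert(1)</script>";

        // Label.Text is written to the response unchanged: markup stays live.
        Console.WriteLine(Render(new Label { Text = untrusted }));

        // Encode explicitly before assigning to a control that does not encode.
        Console.WriteLine(Render(new Label { Text = HttpUtility.HtmlEncode(untrusted) }));

        // Literal encodes on render when Mode is Encode (the default is Transform).
        Console.WriteLine(Render(new Literal { Mode = LiteralMode.Encode, Text = untrusted }));
    }
}
```

Comparing the three printed lines shows which assignments leave the angle brackets intact and which turn them into entities.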