It’s my first time developing using MVC and I want to make it secure.
When I use HtmlEncode it converts the string to the equivalent HTML string.
The user can enter, for example, ali’ or ali– in the search, and those exist in my database. How do I protect my search and login from SQL injection, please?
Also any tutorial or best practice to prevent script injection?
LINQ and Entity Framework already check for SQL Injection for you.
But you should read the documentation anyhow:
LINQ MSDN Link (section SQL-Injection Attacks)
Entity Framework MSDN Link (section Security Considerations for Queries)
Hope it helps!
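To make the answer concrete, here is an added illustration (not code from the original question or answer) of the difference it relies on: a query built by string concatenation, where an input such as `ali'` or `ali--` becomes part of the SQL statement, next to the parameterized forms that ADO.NET, LINQ to Entities and EF6's `SqlQuery` produce, where the same input is only ever data. The `User` entity, `AppDbContext` and `Users` table are assumptions made for the example.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.Entity;
using System.Data.SqlClient;
using System.Linq;

// Hypothetical entity and context, assumed for this illustration.
public class User
{
    public int Id { get; set; }
    public string Name { get; set; }
}

public class AppDbContext : DbContext
{
    public DbSet<User> Users { get; set; }
}

public static class UserSearch
{
    // VULNERABLE: the search term is pasted into the SQL text. The quote in
    // ali' closes the string literal early and ali-- comments out whatever
    // follows, so the user is editing the statement rather than supplying a value.
    public static string BuildUnsafeSql(string term)
    {
        return "SELECT Id, Name FROM Users WHERE Name LIKE '%" + term + "%'";
    }

    // SAFE (plain ADO.NET): the term is bound as a typed parameter. The SQL text
    // never changes, and ali' or ali-- are matched literally against Name.
    public static SqlCommand BuildParameterizedCommand(SqlConnection conn, string term)
    {
        var cmd = new SqlCommand(
            "SELECT Id, Name FROM Users WHERE Name LIKE @pattern", conn);
        cmd.Parameters.Add("@pattern", SqlDbType.NVarChar, 200).Value = "%" + term + "%";
        return cmd;
    }

    // SAFE (LINQ to Entities): EF translates the expression tree to SQL and
    // passes `term` as a parameter on its own; there is no string to escape.
    public static IQueryable<User> SearchWithLinq(AppDbContext db, string term)
    {
        return db.Users.Where(u => u.Name.Contains(term));
    }

    // SAFE (hand-written SQL through EF6): keep placeholders in the text and
    // pass values separately; EF binds them as parameters @p0, @p1, ...
    public static IEnumerable<User> SearchWithRawSql(AppDbContext db, string term)
    {
        return db.Users.SqlQuery(
            "SELECT Id, Name FROM Users WHERE Name LIKE @p0", "%" + term + "%").ToList();
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample inputs, the same shapes the question mentions.
        foreach (var term in new[] { "ali", "ali'", "ali--" })
        {
            // Shows how the unsafe query text is altered by the input itself.
            Console.WriteLine(UserSearch.BuildUnsafeSql(term));
        }

        // The parameterized command keeps one fixed statement for every input.
        using (var conn = new SqlConnection("Server=(local);Database=App;Integrated Security=true"))
        {
            var cmd = UserSearch.BuildParameterizedCommand(conn, "ali'");
            Console.WriteLine(cmd.CommandText);                      // unchanged SQL
            Console.WriteLine(cmd.Parameters["@pattern"].Value);     // %ali'% as data
        }
    }
}
```

The same rule covers the login query: compare the submitted user name through a LINQ predicate or a parameter, never by concatenating it into SQL. For the separate "script injection" part of the question, the Razor view engine in ASP.NET MVC HTML-encodes any value written with `@`, so the output side is covered by default as long as you do not bypass it with `Html.Raw`.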