Does LINQ to SQL eliminate the possibility of SQL Injection

By default, LINQ to SQL executes your LINQ queries as parameterized queries rather than as concatenated strings. As a result, if a user attempts SQL injection by supplying input that tries to escape out of a value, the escape is treated as part of the parameter rather than part of the query, and the injection is avoided. However, as we discussed in chapter 8 of LINQ in Action, LINQ to SQL greatly reduces the possibility of SQL injection, but doesn't completely eliminate it. For example, if you are using ...
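
The parameter-versus-query distinction described above, as an added example that is not from the original post or from LINQ in Action. It uses Python's built-in `sqlite3` as a stand-in for LINQ to SQL so it runs offline; the `users` table, the function names and the sample inputs are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names are hypothetical.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "a-secret"), ("bob", "b-secret"), ("o'brien", "c-secret")],
    )
    return conn

def find_concatenated(conn, name):
    # Concatenated form: the input becomes part of the SQL text, so a quote
    # in `name` closes the string literal and the remainder is parsed as SQL.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return sorted(row[0] for row in conn.execute(sql))

def find_parameterized(conn, name):
    # Parameterized form: the SQL text is fixed and `name` is bound as a
    # value, so any quotes in it are compared literally and never parsed.
    sql = "SELECT name FROM users WHERE name = ?"
    return sorted(row[0] for row in conn.execute(sql, (name,)))

def concatenated_breaks_on_quote(conn, name):
    # A legitimate name containing a quote corrupts the concatenated query.
    try:
        find_concatenated(conn, name)
        return False
    except sqlite3.OperationalError:
        return True

HOSTILE = "nobody' OR '1'='1"  # constructed input that tries to escape the literal

if __name__ == "__main__":
    conn = make_db()
    print("concatenated :", find_concatenated(conn, HOSTILE))   # every row
    print("parameterized:", find_parameterized(conn, HOSTILE))  # no rows
    print("quote in name:", find_parameterized(conn, "o'brien"))
    print("concat breaks:", concatenated_breaks_on_quote(conn, "o'brien"))
```
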