May was a big month for new releases from Linux Academy! Take a look at what our team built recently in our blog. You can access the newest releases from our blog.
The connection string in the web.config file is encrypted using RSA with a Machine-Level Key Container.
Sub Read() Using connection As New SqlConnection(ConfigurationManager.ConnectionStrings("LocalSqlServer").ToString()) Const queryString As String = "SELECT Name from Users where SAPID = @SAPID" Dim command As New SqlCommand(queryString, connection) Dim parUsername As New SqlParameter("@SAPID", SqlDbType.VarChar, 20) parUsername.Value = TextBox1.Text command.Parameters.Add(parUsername) command.Connection.Open() Using reader As SqlDataReader = command.ExecuteReader(CommandBehavior.CloseConnection) ' Call Read before accessing data. If reader.HasRows Then While reader.Read() Label1.Text = reader("Name") End While End If End Using End Using End Sub
Can someone tell me whey the SQL statement above is Vulnerable.
<connectionStrings> <add name="LocalSqlServer" connectionString=";Database=;User ID=;Password=;Trusted_Connection=False;"/> </connectionStrings>
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
Join the community of 500,000 technology professionals and ask your questions.