MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.
The connection string in the web.config file is encrypted using RSA with a Machine-Level Key Container.
Sub Read() Using connection As New SqlConnection(ConfigurationManager.ConnectionStrings("LocalSqlServer").ToString()) Const queryString As String = "SELECT Name from Users where SAPID = @SAPID" Dim command As New SqlCommand(queryString, connection) Dim parUsername As New SqlParameter("@SAPID", SqlDbType.VarChar, 20) parUsername.Value = TextBox1.Text command.Parameters.Add(parUsername) command.Connection.Open() Using reader As SqlDataReader = command.ExecuteReader(CommandBehavior.CloseConnection) ' Call Read before accessing data. If reader.HasRows Then While reader.Read() Label1.Text = reader("Name") End While End If End Using End Using End Sub
Can someone tell me whey the SQL statement above is Vulnerable.
<connectionStrings> <add name="LocalSqlServer" connectionString=";Database=;User ID=;Password=;Trusted_Connection=False;"/> </connectionStrings>
Join the community of 500,000 technology professionals and ask your questions.
Connect with top rated Experts
12 Experts available now in Live!