lapucca
asked on
What's the best practice to prevent malicious hacker from entering inappropriate input?
Hi, I'm using VS2013, asp.net web form and C#.
I have a textbox in this form that users can enter some text which I would use as a key to submit to an API call to retrieve some data back from a database. What's the best practice I should have in my Asp.net or C# code prevent potential malicious input like sql or scripting as input?
Thank you.
I have a textbox in this form that users can enter some text which I would use as a key to submit to an API call to retrieve some data back from a database. What's the best practice I should have in my Asp.net or C# code prevent potential malicious input like sql or scripting as input?
Thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you.
ASKER
To prevent sql injection, use bind variables with prepared statements. - How to do this? Any example url?
Thank you for input so far.