Programalama > C#

C# / Sql Injection Protection

Günümüzde Hemen Hemen Herkesin Bildigi Bu Olaya Basit Ama Etkili Bir Çözüm. Sayfanizdaki Textbox'tan Gelen Degiskenlerinizi Spde Veya Kendi Querynizde Kullanmadan Önce Fonksiyondan Geçirmeniz Yeterli

Etiketler: sql, injection, protection

Ort. 0

Puan ver:

hazirkod 27 June 19:34 0

0 kişiden 0 puan aldı

6746

public string KillSqlInjectionWords(string WithBadChars)
{
      string [] SqlInjectionKeywords = {    "select", 
                                                                   "drop", 
                                                                   ";", 
                                                                   "--",
                                                                   "insert", 
                                                                   "delete", 
                                                                    "xp_",
                                                                    "sp_",
                                                                    "exec",
                                                                     "'"
                                          };            
     string WithoutBadChars = "" ;
     for (int i = 0; i < SqlInjectionKeywords.Length; i++)
        {
WithoutBadChars = WithBadChars.Replace(SqlInjectionKeywords[i],"");
WithBadChars = WithoutBadChars ;
        }
    return WithoutBadChars;
}