string sql = "Select * from tablename where SomeColumn = " + txtBoxValue.Text;
"Select * from tablename where SomeColumn = @SomeColumnValue "
string regexForSQLInjection = @"/\w*((\%27)|(\'))((\%6F)|o|(\%4F))((\%72)|r|(\%52))/ix";
public class AntiForgeryAttribute: IAuthorizationFilter{ public void OnAuthorization(AuthorizationContext authorizationContext) { if (authorizationContext.RequestContext.HttpContext.Request.HttpMethod != "POST") return; new ValidateAntiForgeryTokenAttribute().OnAuthorization(authorizationContext); }}
-- Thanks & Regards, RNA Team
Login to post response