What is a SQL Injection Attack?

A SQL injection attack is an attack that originates from user input that has not been checked for validity before it is used. The objective is to trick the database system into running attacker-supplied SQL that reveals sensitive information or otherwise compromises the server.

There are two main types of attack. In a first-order attack the attacker receives the desired result immediately, either as a direct response from the application they are interacting with or through some other response mechanism, such as email. In a second-order attack the attacker injects data that is stored in the database, but the payload is not activated immediately; it fires later, when the application reads and uses that stored data.
Avoiding SQL Injection
// Required at the top of the code-behind file.
using System;
using System.Data.SqlClient;
using System.Text.RegularExpressions;

protected void Button1_Click(object sender, EventArgs e)
{
    // Placeholder; substitute the real connection string.
    string connect = "MyConnString";

    // Remove every character that is not in the allowed set before the
    // input reaches the query text.
    string username = Regex.Replace(txtuname.Text.ToString(), "[^-a-zA-Z0-9_./:&()#!@$%^&*?]+",
        "", RegexOptions.Compiled);
    string Pwd = Regex.Replace(txtpwd.Text.ToString(), "[^-a-zA-Z0-9_./:&()#!@$%^&*?]+",
        "", RegexOptions.Compiled);

    // The filtered values are concatenated into the SQL text (the string
    // literal must stay on one logical line, so it is split with '+').
    string query = "Select Count(*) From Users Where Username = '" + username +
        "' And Password = '" + Pwd + "'";

    int result = 0;
    using (var conn = new SqlConnection(connect))
    {
        using (var cmd = new SqlCommand(query, conn))
        {
            conn.Open();
            // Count(*) comes back as an int from SQL Server.
            result = (int)cmd.ExecuteScalar();
        }
    }

    if (result > 0)
    {
        Response.Redirect("home.aspx");
    }
    else
    {
        Literal1.Text = "Invalid credentials";
    }
}
Using this filtering step

    string username = Regex.Replace(txtuname.Text.ToString(), "[^-a-zA-Z0-9_./:&()#!@$%^&*?]+",
        "", RegexOptions.Compiled);
    string Pwd = Regex.Replace(txtpwd.Text.ToString(), "[^-a-zA-Z0-9_./:&()#!@$%^&*?]+",
        "", RegexOptions.Compiled);

you will avoid all types of SQL injection.
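As an added example (not code from the original post), here is the same login check written with a parameterized SqlCommand; the parameters are sent to the server separately from the statement text, so the query's structure cannot be altered by the input no matter which characters it contains. The control names, the Users table and the "MyConnString" connection-string name are assumed to match the sample above.

```csharp
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Web.UI;

public partial class Login : Page
{
    protected void Button1_Click(object sender, EventArgs e)
    {
        // Assumption: a named connection string "MyConnString" is defined in web.config.
        string connect = ConfigurationManager
            .ConnectionStrings["MyConnString"].ConnectionString;

        // The SQL text contains only placeholders; user input never becomes part of it.
        const string query =
            "SELECT COUNT(*) FROM Users WHERE Username = @username AND Password = @pwd";

        int result;
        using (var conn = new SqlConnection(connect))
        using (var cmd = new SqlCommand(query, conn))
        {
            // Typed parameters: quotes, comment markers or keywords in the
            // input are delivered to the server as data, not as SQL.
            cmd.Parameters.Add("@username", SqlDbType.NVarChar, 50).Value = txtuname.Text;
            cmd.Parameters.Add("@pwd", SqlDbType.NVarChar, 128).Value = txtpwd.Text;

            conn.Open();
            // COUNT(*) is returned as an int by SQL Server.
            result = (int)cmd.ExecuteScalar();
        }

        if (result > 0)
        {
            Response.Redirect("home.aspx");
        }
        else
        {
            Literal1.Text = "Invalid credentials";
        }
    }
}
```

The declared parameter lengths (50 and 128) are assumed column sizes; set them to match the actual Users table so over-long input is rejected by the driver rather than silently truncated.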