Prepared Statement:: Topic Class Mode Week
WEEK week11
prepared statement :
Prepared statements are resilient against SQL injection as an attacker cannot
change the intent of a query.
photo1
ch4 1
If we try to supply malicious input such as 12345 OR 1=1, the database will not treat the OR as a boolean
operator.
When we create the prepared statement, we write the full query and leave certain
values empty (the parameters), replaced with [?],
as in photo1.
3. Execute: after compilation, we execute the prepared statement in the
database.
ch4 2
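The behaviour described above, as an added example that is not part of the original notes. It uses Python's sqlite3 module, whose placeholder is also ?, and the accounts table, its rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data, used only by this example.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (id INTEGER, owner TEXT)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [(12345, "alice"), (67890, "bob"), (11111, "carol")],
    )
    return conn


def lookup_concatenated(conn, account_id):
    # Weak form: the input is pasted into the SQL text, so the database
    # parses "OR 1=1" as part of the WHERE clause.
    query = "SELECT owner FROM accounts WHERE id = " + account_id
    return [row[0] for row in conn.execute(query)]


def lookup_prepared(conn, account_id):
    # Prepared form: the query text is fixed and the value is left as ?.
    # The input is bound afterwards as one value and is never parsed as SQL.
    query = "SELECT owner FROM accounts WHERE id = ?"
    return [row[0] for row in conn.execute(query, (account_id,))]


if __name__ == "__main__":
    conn = make_db()
    malicious = "12345 OR 1=1"  # the input from the notes
    print("concatenated:", lookup_concatenated(conn, malicious))
    print("prepared:    ", lookup_prepared(conn, malicious))
    print("prepared, normal input:", lookup_prepared(conn, "12345"))
```

With the concatenated query the condition becomes true for every row; with the prepared statement the whole string is compared against id as a single value and matches nothing.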
Avoid Writing Pure SQL – Security Use LINQ:
ch4 3