Comments on the web thought: ASP: avoid SQL injections
Marco Del Corno (http://www.blogger.com/profile/00863522198118005628)
Updated: 2024-03-16T20:51:58.301+01:00

Fred (http://propertyclubinternational.com), 2017-11-12T15:12:50.942+01:00:
What if someone wants to enter a genuine percentage, e.g., 50% of X,
or needs to enter their surname as O'Hara?

Marco Del Corno, 2012-05-05T07:19:39.661+02:00:
I'm not completely sure, but I think you're safe.
To be sure, just try to use the above parameters and see what happens :-)

Still_asp, 2012-05-04T22:30:32.187+02:00:
Hi Marco,

Nice article. I work a lot with DreamWeaver. How safe are the SQL queries produced by Dreamweaver like:

rsRecordset_cmd.CommandText = "SELECT * FROM tbl_test WHERE autoID = ?"

rsRecordset_cmd.Parameters.Append rsRecordset_cmd.CreateParameter("param1", 5, 1, -1, rsRecordset__MMColParam) ' adDouble