posted on Tuesday, February 03, 2004 9:37 PM by stefandemetz

Hardening ASP.NET - avoid SQL injection (ouch !!) - Part 2

Eli Robillard has done it nicely

Edited:

As has Robert Hurlbut here

Addendum: sanitize the input of ASP.NET web controls,

e.g. for your custom & derived TextBox:

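    ' At the top of the file: needed for EditorBrowsableAttribute
    Imports System.ComponentModel

    ' Inside your class derived from TextBox:
    Private _inputText As String

    <EditorBrowsableAttribute(EditorBrowsableState.Always)> _
    Public Overrides Property Text() As String
        Get
            ' Every read of the control's value goes through the sanitizer
            Return sanitizeString(_inputText)
        End Get
        Set(ByVal Value As String)
            _inputText = Value
        End Set
    End Property

    Private Function sanitizeString(ByVal input As String) As String
        ' blah blah blah (your sanitizing rules go here)
        Return input
    End Function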
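As an added example (not code from the original post or from the linked authors), here is one possible body for the sanitizer as an allow-list, paired with a parameterized SqlCommand, because a filter that lets an apostrophe through for names like O'Brien cannot by itself keep the value out of the SQL text. The names InputGuard, BuildLookup, Customers, CustomerId and LastName, and the 50-character limit, are assumptions made for illustration.

```vb
Imports System
Imports System.Data
Imports System.Data.SqlClient
Imports System.Text.RegularExpressions

' Added example; InputGuard, BuildLookup and the Customers table are hypothetical.
Public Module InputGuard

    ' Allow-list: letters, digits, space, dot, apostrophe and hyphen.
    ' Every other character is dropped and the result is capped at maxLength.
    Public Function SanitizeString(ByVal input As String, _
                                   Optional ByVal maxLength As Integer = 50) As String
        If input Is Nothing Then Return String.Empty
        Dim cleaned As String = _
            Regex.Replace(input.Trim(), "[^A-Za-z0-9 .'\-]", String.Empty)
        If cleaned.Length > maxLength Then cleaned = cleaned.Substring(0, maxLength)
        Return cleaned
    End Function

    ' The value travels as a typed parameter and is never concatenated into
    ' the SQL text, so an apostrophe that passes the filter stays data.
    Public Function BuildLookup(ByVal conn As SqlConnection, _
                                ByVal lastName As String) As SqlCommand
        Dim cmd As New SqlCommand( _
            "SELECT CustomerId, LastName FROM Customers WHERE LastName = @LastName", _
            conn)
        cmd.Parameters.Add("@LastName", SqlDbType.NVarChar, 50).Value = _
            SanitizeString(lastName)
        Return cmd
    End Function

    Public Sub Main()
        ' Constructed sample input; no database connection is opened here.
        Dim cmd As SqlCommand = _
            BuildLookup(Nothing, "O'Brien'; DROP TABLE Customers;--")
        Console.WriteLine(cmd.CommandText)
        Console.WriteLine(cmd.Parameters("@LastName").Value)
    End Sub

End Module
```

The command text printed by Main is the same for any input; only the parameter value changes.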

 

 
