User Id :    Password :      New Member   Forgot Password  
 
Function to Check illegal characters for preventing Sql Injection Attack
Description Here I have written a c# function to check illegal characters for preventing Sql Injection Attack.   No. of Views     2477
  Rating     0
Author Sumit Gupta   Posted On     28 Jul 2011
Tags General    

Sample Code   Download Code

 

With this codesnippet  we can check illegal characters for preventing Sql injection attack

 

Please see below the code

 

/// <summary>
    /// function to check illegal characters for preventing Sql Injection Attack.
    /// </summary>
    /// <param name="data">input data</param>
    /// <returns>result as true if data has illegal character otherwise false</returns>
    public bool IsPotentialSqlInjectionAttack(string data)
    {
        // Check to see whether the data contains illegal character
        // or the string for making comment such as "--" or "/*"
        char[] illegalChars = { ';', '\'', '\\', '"', '=', '%', '_', '*' };
        if((data.IndexOfAny(illegalChars)!=-1) || data.Contains("--") || data.Contains("/*"))
        {
            return true;
        }
        else
        {
            return false;
        }
    }

 

Hope u like this

About Author

About Author I am Sumit Gupta working in 3 Pillar Global Pvt. Ltd as Module Lead. I have 7+ year of experience in .Net technologies. I love to explore new technologies and write technical article. Sumit Gupta
No Photo
 
Country India
Company 3 Pillar Global Pvt. Ltd.
Home Page http://www.facebook.com/sumitgupta1225

Rate this article

Rating options from poor, fair, good, very good to excelent.  
 

Comments

 
 
Posted By Annonymous on 02 Sep 2011 at 10:09 AM
 
That's way more clever than I was epexcting. Thanks!
 
 
   
Write your comment here.
Comment
Verification Code