Parameters and SQL Injection asp.net – Q&A

To the best of my knowledge, you can’t actually ‘paramaterize’ database names/table names. String.Format does not solve SQL injection in this case …

Related:

  • No Related Posts

Leave a Reply