Use Regular Expression (FROM System.Text.RegularExpressions Assembly) to Validate and Filter Out what you need.
On Mon, Nov 15, 2010 at 4:16 PM, Jamie Fraser <[email protected]>wrote: > Validate your user input using appropriate validators. > > Use SQL Parameters in all your queries. > > > > > On Sat, Nov 13, 2010 at 5:33 PM, Davej <[email protected]> wrote: > >> After reading about SQL injection security issues... >> >> http://en.wikipedia.org/wiki/SQL_injection >> http://msdn.microsoft.com/en-us/library/ms161953.aspx >> >> I started wondering about the most efficient ways to filter a string. >> For a simple 12/31/2010 txtbox date string I just decided to convert >> the string to a char array and use a loop and testing with ascw(). I >> know there are string functions like str.remove and str.replace but I >> don't know if there are any that can be used in a particularly >> efficient way for this. Ideas? Thanks. >> > >
