How do I protect this function from SQL injection?
Posted
by dwbanks
on Stack Overflow
See other posts from Stack Overflow
or by dwbanks
Published on 2009-12-07T18:44:23Z
Indexed on
2010/05/20
9:50 UTC
Read the original article
Hit count: 157
public static bool TruncateTable(string dbAlias, string tableName)
{
string sqlStatement = string.Format("TRUNCATE TABLE {0}", tableName);
return ExecuteNonQuery(dbAlias, sqlStatement) > 0;
}
© Stack Overflow or respective owner