Results 1 to 16 of 16

Thread: what method is secure to insert and update into database ?

Threaded View

  1. Sep 8th, 2017, 01:24 AM #1
    khabib28
    khabib28 is offline

    Thread Starter
    Lively Member
    Join Date
    May 2017
    Posts
    75

    what method is secure to insert and update into database ?

    i'm using access database
    this my code to insert :
    Code:
    sql = "insert into customer([nid_c],[name_customer]" & "values(?,?)"
cmd = New OleDbCommand(sql, conn)
With cmd.Parameters
          .Add(New OleDbParameter("@nid_c", CType(cusnid.Text, String)))
          .Add(New OleDbParameter("@name_customer", CType(cusname.Text, String)))
End With
    this my code to update :
    Code:
    sql = "update customer set name_customer=? where nid_c = '" & cusnid.Text & "'"
cmd = New OleDbCommand(sql, conn)
With cmd.Parameters
          .Add(New OleDbParameter("@nama_customer", CType(cusnama.Text, String)))
End With
    is secure to avoid sql injection ?
    Last edited by khabib28; Sep 8th, 2017 at 01:28 AM.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


Click Here to Expand Forum to Full Width