Limiting SQL injection in SQL Server 2005

Tags:
ASP
SQL injection
SQL Server 2005
I have a site in ASP and on the back-end in SQL Server 2005, but I keep finding SQL injection on my site. Is there code that will prevent SQL injection from getting onto my site?

Answer Wiki

Thanks. We'll let you know when a new response is added.

Check your input always! Make sure the input is not garbage and it is what is expected. Remember GIGO! See these articles:

Here is an article on securing your system from SQL injection.

The basic jist of all these articles will be that you need to verify the input prior to the data getting into the database. Once the values are into the database the SQL Server can’t do much to make sure that the data is valid. It needs to be validated before the data gets into the database. The article above on SearchSQLServer.com shows some sample .NET code on how to prevent the bad code from getting into your database.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Denny Cherry
    Check out my SQL Server blog "SQL Server with Mr Denny" for more SQL Server information.
    66,975 pointsBadges:
    report
  • ToddN2000
    Always verify your input data before building your SQL strings. I takes a little more time but worth the effort.
    25,465 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following