How to prevent Sql-Injection on User-Generated Sql Queries

前端 未结 15 1968
伪装坚强ぢ
伪装坚强ぢ 2021-02-10 11:55

I have a project (private, ASP.net website, password protected with https) where one of the requirements is that the user be able to enter Sql queries that will directly query t

15条回答
  •  予麋鹿
    予麋鹿 (楼主)
    2021-02-10 12:26

    what about this stuff, just imagine the select is an EXEC

    select convert(varchar(50),0x64726F70207461626C652061)
    

提交回复
热议问题