Dynamicweb 8 Documentation
SqlEscapeInjection(String,Boolean) Method

Dynamicweb Namespace > Database Class > SqlEscapeInjection Method : SqlEscapeInjection(String,Boolean) Method
The text being checked
Strips a string of all SQL-commands used to create SQL-injection.
Syntax
'Declaration
 

Public Overloads Shared Function SqlEscapeInjection( _ 
   ByVal text As String, _ 
   ByVal escapeApostrophes As Boolean _ 
) As String
public static string SqlEscapeInjection( 
   string text,
   bool escapeApostrophes 
)

Parameters

text
The text being checked
escapeApostrophes
Permissions
PermissionDescription
Value indicating whether to escape single apostrophes by replacing them with double apostrohpes.
Remarks
This function must be used before user input is inserted into SQL-strings. When using Input.Request this is done automatically.
Requirements

Target Platforms: Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

See Also

Reference

Database Class
Database Members
Overload List

Send Feedback