Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> Microsoft Related >> ADO.NET
  2. Suggest New Category

what is sql Injection?

Question Posted / swapna

Answers were Sorted based on User's Feedback



what is sql Injection?..

Answer / alok saxena

SQl Injection is used by hacker or professional to damage
the data through intellectaul technique. For example, in
this text box , If I write SQL statement in such a way that
effect its database. example " hi, 'delete * from emp;'

This is what We say to inject in Sql by writing DML in
textbox.

Is This Answer Correct ?    7 Yes 1 No

what is sql Injection?..

Answer / kerem kusmezer

Sql Injection is one of the input manipulation attacks,
which in case the sql statement is directly buildup from an
string concatanation, in which the user can change through
entry the result sql statement.

For Example:

select top 1 username from users where username
= '&txtusername.Text&'.
If the user enters the text with ' or -- he can add more
command to the outcoming sql statement and change the query
set.

Is This Answer Correct ?    2 Yes 0 No

what is sql Injection?..

Answer / srikant dwibedi

SQL Injection is he process of passing SQL code into an
application in a way that was not intended by the
application developer or it is a strategy for attacking
databases.

Example
An ASP page asks the user for a name and a password.
SELECT FROM users WHERE username="whatever" AND
password="mypassword".
It seems safe,but it is not. A user might enter somthing
like this 'OR 1>0....
when this is plugged into the SQL statewments the result
looks like this:
SELECT FROM users WHERE username="OR 1>0 " AND
password=" ";
This injectin comments out of the password portion of the
statement. It results in a list of all the names in the
users table. So any user could get into your system.

Is This Answer Correct ?    3 Yes 2 No

what is sql Injection?..

Answer / vinod

When a haker gives input like username = vinod@gmail.com and
password = a' or 'x' = 'x-- than user name will be accepted
and password x=x will always true so system can allow to
haker to login.

Is This Answer Correct ?    2 Yes 1 No

Post New Answer

More ADO.NET Interview Questions

Which one of the objects is a high-level abstraction of the connection and command objects in ado.net?

0 Answers  

Can a DataReader be used as a DataSource for a GridView. If it is so how will you handle paging.

3 Answers   Directi,

What are the Data providers in ADO.Net?

0 Answers  

What is executescalar and executenonquery?

0 Answers  

How can we check that some changes have been made to dataset since it was loaded?

0 Answers  

What is ado.net components?

0 Answers  

What do you know about ADO.NET's objects and methods?

0 Answers   NA,

What is commandbuilder in ado.net?

0 Answers  

What are the data providers used in ado.net

0 Answers  

How xml files and be read and write using dataset ?

1 Answers  

what is different between SqlCommand object and Command Behaviour Object

3 Answers  

How to retrieve the user id which is provided while windows authentication?

0 Answers   Cap Gemini,

For more ADO.NET Interview Questions Click Here
Categories