Answer Posted / kerem kusmezer

Sql Injection is one of the input manipulation attacks,
which in case the sql statement is directly buildup from an
string concatanation, in which the user can change through
entry the result sql statement.

For Example:

select top 1 username from users where username
= '&txtusername.Text&'.
If the user enters the text with ' or -- he can add more
command to the outcoming sql statement and change the query
set.

How to read data with the sqldatareader ?

985

---

Explain the difference between data reader and data set?

930

---

What is ole access?

948

---

What are the data access namespaces in .NET?

1212

---

What provider ado.net use by default? Explain the role of data provider in ado.net?

971

---

What is difference between ado.net and asp net?

1045

---

Is datareader faster than datatable?

967

---

Which is better ole db or odbc?

911

---

What are the rules to implement connection pooling?

1070

---

What is ole db and odbc?

926

---

What are advantages of microsoft-provided data provider classes in ado.net?

1006

---

What is isolation?

1026

---

Explain the difference between ado and ado.net?

941

---

What is namespace in ado.net?

1022

---

Describe the command object and its method.

1005

---