Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP.NET 2.0 > ASP.NET 2.0 Basics
Password Reminder
Register
| FAQ | Members List | Search | Today's Posts | Mark Forums Read
ASP.NET 2.0 Basics If you are new to ASP or ASP.NET programming with version 2.0, this is the forum to begin asking questions. Please also see the Visual Web Developer 2005 forum.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP.NET 2.0 Basics section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old May 17th, 2006, 03:26 PM
Authorized User
Points: 333, Level: 6
Points: 333, Level: 6 Points: 333, Level: 6 Points: 333, Level: 6
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Apr 2005
Location: Fresno, California, USA.
Posts: 94
Thanks: 0
Thanked 0 Times in 0 Posts
Default SQL vs ASP.NET..escape characters haunting

Hey all,

I have a crazy predictament. Seeing how I am gettng the login directly from windows anyway, i have not been needing to worry too much about sql inject but i would like to uniform everything.
I use WindowsIdentity to retrieve a login which comes like "domain\login". When I put this info into a parameter and send it over as a query it comes over like this:
domain\\login

If I put it directly in the query string like this:
@"Select * where loginid = '" + curruser.Name + "'";
 It will work, anyone have an explaination and way around this so I can parameterize this?

I do know that \ is an escape character and needs to be \\ to be seen as a single on in a string but SQL doesn't follow the same rules hehe.


Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ASP.NET 1.1,VB.NET,crystal reports, SQl server gvi Crystal Reports 1 September 11th, 2008 02:55 AM
Enabling Arabic characters in ASP.NET-Oracle Appli abinashpatra ASP.NET 1.0 and 1.1 Basics 0 November 8th, 2005 12:21 AM
XML escape characters ACE2084 XML 0 September 9th, 2005 03:12 PM
how to escape special characters? reddygaru XML 2 December 16th, 2003 07:13 AM



All times are GMT -4. The time now is 07:09 PM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.