TECHNOLOGIES
FORUMS
JOBS
BOOKS
EVENTS
INTERVIEWS
Live
MORE
LEARN
Training
CAREER
MEMBERS
VIDEOS
NEWS
BLOGS
Sign Up
Login
No unread comment.
View All Comments
No unread message.
View All Messages
No unread notification.
View All Notifications
Answers
Post
An Article
A Blog
A News
A Video
An EBook
An Interview Question
Ask Question
Forums
Monthly Leaders
Forum guidelines
yokzu
NA
306
0
Quotation error on SQL query
Jun 6 2011 7:59 AM
Hello,
Im using a form program that connecting to a access db. It is working normally. But when I use " ' " in SQL query, Im getting;
Syntax error in string in query expression 'na'me'.
This is SQL injection problem I think but I dont how to solve?
...
while (dongu < satir_sayisi)
{
string query = "SELECT * FROM name WHERE name='" + str[dongu] + "\'";
OleDbCommand komut = new OleDbCommand(query, conn);
OleDbDataReader rdr; ---> error on this line
rdr = komut.ExecuteReader();
...
Reply
Answers (
3
)
web2.0
Please Help - RowStyle Event