Published On Nov 17, 2023
Entity Framework has a neat feature for preventing SQL injection attacks, but it may just encourage developers to write sloppy code.
Source code available at: https://github.com/JasperKent/.NET-8-...
Topics include:
- What is an SQL injection attack
- Other problems caused by using string concatenation with SQL
- String interpolation vs concatenation
- Writing parameterized queries
- Using LINQ to generate parameterized queries
- String interpolation and FormattableString
- Passing FormattableStrings to SQLQuery and SQLQueryRaw
show more