I have this controller method below:
[HttpPost]
public ActionResult Login(UserDetails userdetails)
What did I do so far ?
ModelState.IsValid()
in ServerSide to check. Are these two checks enough or How should I make sure that userDetails.UserName
is free from Injected SQL ? (Like 1=1 SQL Injection attacks)
使用实体框架,Dapper或常规参数化查询应足够。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.