string queries = "select name from employe; select id from dept";
for (int i=0; i < queries.Length; i++) { OracleCommand cmd = new OracleCommand(queries[i].ToString(), con); OracleAdapter oda = new OracleDataAdapter(cmd); oda.fill(ds,queries[i]); }
for (int i=0; i < queries.Length; i++) { racleCommand cmd=new OracleCommand(queries[i].ToString(), con); OracleAdapter oda= new OracleDAtaAdapter(cmd); oda.Fill(ds, queries[i]); }
Quote:How to prevent SQL inject for direct SQL commands in ASP.NET for oracle database
Ex: string queries = "select name from employe; drop employe";
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)