{"version":"1.0","provider_name":"Blog - Silicon Cloud","provider_url":"https:\/\/www.silicloud.com\/blog","author_name":"Sophia Anderson","author_url":"https:\/\/www.silicloud.com\/blog\/author\/sophiaanderson\/","title":"How to prevent SQL injection in C#?","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"qD5rsakAif\"><a href=\"https:\/\/www.silicloud.com\/blog\/how-to-prevent-sql-injection-in-c\/\">How to prevent SQL injection in C#?<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/www.silicloud.com\/blog\/how-to-prevent-sql-injection-in-c\/embed\/#?secret=qD5rsakAif\" width=\"600\" height=\"338\" title=\"&#8220;How to prevent SQL injection in C#?&#8221; &#8212; Blog - Silicon Cloud\" data-secret=\"qD5rsakAif\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/\/# sourceURL=https:\/\/www.silicloud.com\/blog\/wp-includes\/js\/wp-embed.min.js\n\/* ]]> *\/\n<\/script>\n","description":"In C#, parameterized queries can be used to prevent SQL injection. Parameterized queries involve separating query parameters from the SQL statement, ensuring that input values are properly encoded before being passed to the database. Here is an example of using parametrized query: using (SqlConnection connection = new SqlConnection(connectionString)) { connection.Open(); string query = \"SELECT * [&hellip;]"}