JC Grubbs JC Grubbs - 1 year ago 296
SQL Question

RegEx to Detect SQL Injection

Is there a Regular Expression that can detect SQL in a string? Does anyone have a sample of something that they have used before to share?

Answer Source

Don't do it. You're practically guaranteed to fail. Use PreparedStatement (or its equivalent) instead.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download