MCQs > IT & Programming > ASP.NET > What is wrong with this code? string email = emailTextbox; string SQL = 'select * from users where username = '+email+' '; SqlCommand myCommand = new SQLCommand(SQL, myConnection) try { myConnection.Open(); SqlDataReader myReader=myCommand.ExecuteReader(); if (myReader.Read()) { ...

ASP.NET MCQs

What is wrong with this code? string email = emailTextbox; string SQL = "select * from users where username = "+email+" "; SqlCommand myCommand = new SQLCommand(SQL, myConnection) try { myConnection.Open(); SqlDataReader myReader=myCommand.ExecuteReader(); if (myReader.Read()) { ...

Answer

Correct Answer: the string email will not have the right value and the SQL is subject to injection attacks.

Explanation:

Note: This Question is unanswered, help us to find answer for this one

ASP.NET Skill Assessment

Overall Skill Level-Poor

Your Skill Level: Poor

Retake Quizzes to improve it

search

ASP.NET Skill Assessment

Overall Skill Level-Poor

Your Skill Level: Poor

Retake Quizzes to improve it