Skip to Content
Beginning ASP.NET Web Pages with WebMatrix®
book

Beginning ASP.NET Web Pages with WebMatrix®

by Mike Brind, Imar Spaanjaars
November 2011
Beginner
432 pages
11h 13m
English
Wrox
Content preview from Beginning ASP.NET Web Pages with WebMatrix®

Chapter 11

A Deeper Dive Into Data Access

What you will learn in this chapter:

  • Secure data access
  • How to develop forms for CRUD
  • How to display data using the WebGrid helper

The previous chapter provided you with an introduction to databases, Structured Query Language, and the Database Helper. The last exercise provided a glimpse at how these three things come together with a web page to provide the true basis of dynamic web development: that which relies on the contents of a database to make it current and specific to the user.

You saw that you can filter data with a WHERE clause. The next step is to provide your visitors with the ability to create their own filters, or choose the order in which they can view data, or indeed how much they want to see. Since SQL commands are strings, and as you learned in Chapter 4, strings can be constructed dynamically, this opens the door to a means by which you can provide your users with a way to personalize their data access. However, as with all things powerful, there are potential dangers that you need to manage. But first, you need to understand the potential dangers.

What Is SQL Injection?

Simply stated, SQL injection is a technique whereby a malicious user injects a SQL command with additional legitimate SQL syntax that alters the intended behaviour of the command, and potentially compromises the security of the application that makes use of the SQL command. You may well be scratching your head at the moment, and trying to read that ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services
QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

ASP.NET 4 Unleashed

ASP.NET 4 Unleashed

Stephen Walther, Kevin Hoffman, Nate Dudek
Applied ASP.NET 4 in Context
ASP.NET MVC Framework Unleashed
.NET Windows® Forms Custom Controls

Publisher Resources

ISBN: 9781118050484Purchase book