예제 #1
        //Q5. Create a table product having columns Id, Name, Qty, price.
        //    Using a LIKE query, display all products whose name starts with the letter 't'.
        //    Solve the above SQL injection problem with a stored procedure.

        /// <summary>
        /// Demo entry point: calls the stored-procedure lookup twice, first with an
        /// injection-shaped input and then with the plain prefix "t".
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            // Input shaped to close the LIKE string literal and append further statements.
            // If the data layer were vulnerable, the appended DELETE would empty the table,
            // so run this demo only against a disposable database.
            const string injectionShapedInput = "t'; Delete from Product;Select * from Product where Name like 't";
            const string plainPrefix = "t";

            var productLayer = new ProductLayer();

            // The original author notes that this call "has no effect".
            // NOTE(review): ProductLayer is not shown here. A stored procedure only neutralises
            // this input if the value is bound as a parameter AND the procedure body does not
            // concatenate it into dynamic SQL - confirm both in the data layer.
            productLayer.displayproductstoredprocedure(injectionShapedInput);

            // Ordinary lookup for comparison.
            productLayer.displayproductstoredprocedure(plainPrefix);
        }
예제 #2
        //Q5. Create a table product having columns Id, Name, Qty, price.
        //    Using a LIKE query, display all products whose name starts with the letter 't'.
        //    Solve the above SQL injection problem with a parameterised query.

        /// <summary>
        /// Demo entry point: calls the parameterised-query lookup with an
        /// injection-shaped input.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            // Input shaped to close the LIKE string literal and append further statements.
            // If the data layer were vulnerable, the appended DELETE would empty the table,
            // so run this demo only against a disposable database.
            const string injectionShapedInput = "t'; Delete from Product;Select * from Product where Name like 't";

            var productLayer = new ProductLayer();

            // The original author notes that this call "has no effect".
            // NOTE(review): ProductLayer is not shown here. The claim holds only if the value
            // reaches the command as a bound parameter and is never spliced into the
            // command text - confirm in the data layer.
            productLayer.displayproductParameterisedQuerry(injectionShapedInput);
        }