Dynamic LINQ - Knowledge Base (KB)

2 results in tag: sql-injection

Dynamic LINQ with direct user input, any dangers?

I have a table in a ASP.NET MVC application that I want to be sortable (serverside) and filterable using AJAX. I wanted it to be fairly easy to use in other places and didn't feel like hardcoding the sorting and filtering into query expressions so I looke...

c# dynamic-linq linq sql-injection

asked by JulianR

Safe dynamic column name in dynamic LINQ

I'm trying to create a dynamic WHERE clause with LINQ. I have a working example but I'm worried that it's not safe from SQL injection....The following LINQ code:...var oQuery = _db.People.Where("FirstName.Contains(@0)", "kev"); ...produces the following S...

dynamic-linq entity-framework linq-to-entities sql-injection

asked by Kevin Cloet

Page 1 of 1

Prime Library

Performance

Entity Framework Extensions
Entity Framework Classic
Bulk Operations
Dapper Plus

Expression Evaluator

C# Eval Expression
SQL Eval Function

More Projects...