Created July 13, 2012 15:12
Example of an insecure password check
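// Deliberately insecure: userName and password are spliced into the SQL text,
// and the supplied password is compared directly against the stored column.
bool IsValidUser(string userName, string password)
{
    string sql = string.Format("SELECT 1 FROM person " +
                               "WHERE userName = '{0}' AND password = '{1}'",
                               userName,
                               password);
    return ExecuteQuery(sql).Rows > 0;
}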
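The same lookup with the input bound as a parameter and the password stored as a salted hash, shown next to the string-formatted pattern from the snippet above. This is an added example, not part of the original gist; it uses Python's sqlite3 so it runs offline, and the schema (salt, pwHash columns), the function names and the PBKDF2 work factor are assumptions.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor; tune for your hardware


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_db(users):
    """Constructed in-memory store: the plaintext password column becomes salt + hash."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE person (userName TEXT PRIMARY KEY, salt BLOB, pwHash BLOB)")
    for name, pw in users:
        salt = os.urandom(16)
        conn.execute("INSERT INTO person VALUES (?, ?, ?)", (name, salt, _derive(pw, salt)))
    return conn


def lookup_formatted(conn, user_name):
    """The gist's pattern: input becomes part of the SQL text, so a quote in it is parsed as SQL."""
    sql = "SELECT 1 FROM person WHERE userName = '{0}'".format(user_name)
    return conn.execute(sql).fetchone() is not None


def is_valid_user(conn, user_name, password):
    """Hardened check: bound parameter, salted hash, constant-time comparison."""
    row = conn.execute(
        "SELECT salt, pwHash FROM person WHERE userName = ?", (user_name,)
    ).fetchone()
    if row is None:
        _derive(password, b"\x00" * 16)  # comparable work, so unknown users are not faster
        return False
    salt, stored = row
    return hmac.compare_digest(_derive(password, salt), stored)


if __name__ == "__main__":
    db = make_db([("alice", "correct horse"), ("O'Brien", "s3cret")])  # constructed sample users
    print(is_valid_user(db, "O'Brien", "s3cret"))  # the apostrophe is handled as plain data
    try:
        lookup_formatted(db, "O'Brien")
    except sqlite3.OperationalError as exc:
        print("formatted query failed to parse:", exc)
```

In C#, the equivalent of the `?` placeholder is a named parameter added to the command's `Parameters` collection instead of a `string.Format` argument.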