Escape string in C# « Stories about everyday life

Escape string in C#

I have searched more than 30 min. for string escape method in C#, and finally here it is.

You can find it deep inside Security namspace

string safeString = System.Security.SecurityElement.Escape("St'ring to escpa");

You can use it to sanitize values before saving to database.

This entry was posted on Thursday, December 31st, 2009 at 16:33 and is filed under C#, MSSQL, MySQLd, Programming, SQLite. You can follow any comments to this entry through the RSS 2.0 feed. You can leave a comment, or trackback from your own site.

2 comments

gio

February 1, 2011 at 01:16

Well done my friend…!
Dave

March 10, 2011 at 18:05

Bravo.

The idiots at Microsoft are idiots because they believe making a parametrize query is the only way to one should build a query, however there are many use cases where you should escape the data instead.

Data should be sanitized before it is stored as opposed to storing non-sanitized data and having to sanitize it going in and out of the database.

This reduces the risk that you have while you try to work with business logic.

Me on Twitter

Why Nikola Tesla was the greatest geek who ever lived - The Oatmeal http://t.co/FPznFgks 5 hours ago

Tužna priča Sarajevskih Romea i Julije #RIP http://t.co/Xz5Oy1K8 1 day ago

Dropbox nam je upravo vratio 10 GB koje smo pobrisali greškom <3 :) 1 day ago

A preacher, 500 startups, and a dream to change it all — Tech News and Analysis http://t.co/J8dDzqUN 1 day ago

Upravo na TV-u spot neke grupe, u njemu plešu konobarice a kraj njih ko drugi već @POSSector :D 2 days ago

Stories about everyday lifemy playground