How to Check Text Inputs for SQL Injection Attacks in C#
2 min readApr 26, 2021
Worried about SQL injection attacks on your website? You’re not alone; these threats have risen in number, and every online site or application is a potential target. Providing an additional layer of protection beyond your firewall is a simple solution to this type of attack, and in this brief tutorial, we will explain how to check text inputs for SQL injections using an API in C#.
Let’s start by installing .NET Framework SDK:
Install-Package Cloudmersive.APIClient.NET.Validate -Version 3.2.0Now we can input our parameters and call the function with the following code:
using System;
using System.Diagnostics;
using Cloudmersive.APIClient.NET.Validate.Api;
using Cloudmersive.APIClient.NET.Validate.Client;
using Cloudmersive.APIClient.NET.Validate.Model;namespace Example
{
public class TextInputCheckSqlInjectionExample
{
public void main()
{
// Configure API key authorization: Apikey
Configuration.Default.AddApiKey("Apikey", "YOUR_API_KEY");var apiInstance = new TextInputApi();
var value = value_example; // string | User-facing text input.
var detectionLevel = detectionLevel_example; // string | Set to Normal to target a high-security SQL Injection detection level with a very low false positive rate; select High to target a very-high security SQL Injection detection level with higher false positives. Default is Normal (recommended). (optional)try
{
// Check text input for SQL Injection (SQLI) attacks
SqlInjectionDetectionResult result = apiInstance.TextInputCheckSqlInjection(value, detectionLevel);
Debug.WriteLine(result);
}
catch (Exception e)
{
Debug.Print("Exception when calling TextInputApi.TextInputCheckSqlInjection: " + e.Message );
}
}
}
}
Don’t forget to grab your API key from the Cloudmersive website if you don’t already have one; you can register for free and receive access to 800 monthly calls across our entire library of APIs.
