LINQ uses Sql Parameters internally, so it isn't vulnerable to SQL injection.
Personally I would stick with LINQ default queries unless you have extremely complex logic in an SP which you don't want to reproduce in LINQ. And then, I'd suggest you might want to simplify or encapsulate your logic so it isn't in a stored procedure anyway!

On Tue, Apr 6, 2010 at 8:32 PM, comicrage <[email protected]> wrote:
> Hi,
>
> I am learning LINQ and was wondering the preference or difference
> between calling LINQ default queries with C# versus LINQ calls to
> stored procedures. Is there a big advantage of one over the other?
> Also, security in terms of SQL Injections.
>
> Thanks,
>
> CR
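
What the parameterization mentioned in the reply covers and where it stops, as an added example that is not part of the original thread. It assumes LINQ to SQL (`System.Data.Linq`) on .NET Framework and a reachable SQL Server database; the connection string, the `dbo.Users` table and the `User` class are hypothetical.

```csharp
// Added example, not code from the thread. Connection string, table and
// entity class are hypothetical; the sample input is constructed.
using System;
using System.Data.Linq;
using System.Data.Linq.Mapping;
using System.Data.SqlClient;
using System.Linq;

[Table(Name = "dbo.Users")]
public class User
{
    [Column(IsPrimaryKey = true)] public int Id;
    [Column] public string Name;
}

public static class Demo
{
    public static void Main()
    {
        string name = "O'Brien"; // constructed input containing a quote character

        using (var db = new DataContext(@"Server=.;Database=DemoDb;Integrated Security=true"))
        {
            db.Log = Console.Out; // echo generated SQL and parameter values

            // 1. Default LINQ query: the value is bound to a parameter
            //    (LINQ to SQL names them @p0, @p1, ...), not spliced into the text.
            var query = db.GetTable<User>().Where(u => u.Name == name);
            Console.WriteLine(db.GetCommand(query).CommandText);
            Console.WriteLine("LINQ query rows: " + query.Count());

            // 2. Raw SQL with {0} placeholders: ExecuteQuery converts each
            //    placeholder into a parameter, so the quote is still just data.
            var safe = db.ExecuteQuery<User>(
                "SELECT Id, Name FROM dbo.Users WHERE Name = {0}", name).ToList();
            Console.WriteLine("Placeholder rows: " + safe.Count);

            // 3. Raw SQL built by concatenation: the input becomes part of the
            //    statement, and LINQ's parameterization no longer applies.
            try
            {
                db.ExecuteQuery<User>(
                    "SELECT Id, Name FROM dbo.Users WHERE Name = '" + name + "'").ToList();
            }
            catch (SqlException ex)
            {
                // The quote ended the string literal early and changed the SQL.
                Console.WriteLine("Concatenated query failed: " + ex.Message);
            }
        }
    }
}
```

The first two forms send the same value as a bound parameter; only the third lets the input alter the statement, which is the pattern to look for in code review when raw SQL is passed through a `DataContext`.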
