Don't concatenate SQL like that - you are open to SQL injection attacks. For example, someone could use a JS debugger to modify the values in ddlProjectPlatform so the Selected value was '0 OR 1=1' or similar.
Use SQL Parameters...always. On Wed, Jun 2, 2010 at 5:25 PM, julik <[email protected]> wrote: > Any way to replicate is null functionality using the "="? > I automatically set values in .NET code and everything is great only I > can't easily check for nulls b/c I feed variables into > " where P.ProjectPlatform = " + > ddlProjectPlatform.SelectedValue.ToString(); > > Any easy way to check if P.ProjectPlatform is null in the above > example using the "=" ? > > Thank you.
