Skip to content

Commit

Permalink
Merge pull request sqlkata#554 from tskong/sqlinjection-quotes
Browse files Browse the repository at this point in the history 
Escape single quotes for sql injection
  • Loading branch information
@ahmad-moussawi
ahmad-moussawi authored Feb 13, 2022
2 parents 7bf1595 + 77de282 commit a1f8e3f
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion QueryBuilder/SqlResult.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ private string ChangeToSqlValue(object value)
}

// fallback to string
return "'" + value.ToString() + "'";
return "'" + value.ToString().Replace("'","''") + "'";
}
}
}

0 comments on commit a1f8e3f

Please sign in to comment.