spot errors in VB

Please spot the errors in the following code in VB.NET:

Dim Diff As String = con.ExecuteCommand("SELECT DATEDIFF(Day,(select [date] from table where Username = '" + txtUserName.Text + "'),'" & DateTime.Now.ToString() & "')")
If (Diff > 30) Then
Response.Redirect("PleaseChangeMyPassword.aspx")
End If

(find at least 3…)

Side note:

No wonder Visual Basic has died (more or less). Guess future of server javascript ….


Comments

3 responses to “spot errors in VB”

  1. Nilesh

    1. ExecuteCommand returns int and is being assigned to String variable.
    2. Diff (being a string) is compared with Integer

    Cannot spot the 3rd one. Can you highlight the third one?

    1. Andrei Ignat

      SQL injection
      '" + txtUserName.Text + "'

      1. Tudor Turcu

        The error lies with the programmer who still compiles a program with Option Strict Off 🙂 and SQL injection has nothing to do with the language..
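
A corrected form of the snippet that addresses the three errors named in the comments, as an added example (not code from the original post or its commenters). It assumes SQL Server through System.Data.SqlClient in place of the post's `con.ExecuteCommand` wrapper, whose signature is not shown; the names `PasswordAge`, `GetPasswordAgeDays`, `IsPasswordExpired` and the `NVarChar(256)` column size are hypothetical.

```vb
Option Strict On  ' rejects the String/Integer mix-ups at compile time
Imports System
Imports System.Data
Imports System.Data.SqlClient

Public Module PasswordAge
    ' Policy check kept separate from data access so it can be tested alone.
    Public Function IsPasswordExpired(ageInDays As Integer?, maxAgeDays As Integer) As Boolean
        ' No row or NULL date: nothing to judge, so do not report expiry.
        Return ageInDays.HasValue AndAlso ageInDays.Value > maxAgeDays
    End Function

    ' Returns the age in days, or Nothing when the user has no row / NULL date.
    Public Function GetPasswordAgeDays(connectionString As String,
                                       userName As String) As Integer?
        ' [table], [date] and Username are the names used in the post.
        ' GETDATE() replaces the concatenated DateTime.Now.ToString(), so no
        ' culture-dependent date string is ever parsed by the server.
        Const sql As String =
            "SELECT DATEDIFF(day, [date], GETDATE()) " &
            "FROM [table] WHERE Username = @userName"

        Using conn As New SqlConnection(connectionString)
            Using cmd As New SqlCommand(sql, conn)
                ' The user name travels as a typed parameter, never as SQL text,
                ' so quotes in the input cannot change the statement.
                cmd.Parameters.Add("@userName", SqlDbType.NVarChar, 256).Value = userName
                conn.Open()

                ' ExecuteScalar returns the first column of the first row.
                Dim result As Object = cmd.ExecuteScalar()
                If result Is Nothing OrElse result Is DBNull.Value Then
                    Return Nothing
                End If
                Return Convert.ToInt32(result)
            End Using
        End Using
    End Function
End Module

' In the page's code-behind (cs is an assumed connection string variable):
'   If IsPasswordExpired(GetPasswordAgeDays(cs, txtUserName.Text), 30) Then
'       Response.Redirect("PleaseChangeMyPassword.aspx")
'   End If
```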
