Hi I would like to make this more secure by running the sql command as a stored procedure any help appreciated
I am using vb.net vs2013 and mySQL db
thanks
Code:
Dim Myadapter1 As New MySqlDataAdapter
Dim sqlquary1 = "SELECT * FROM mjbb_users WHERE username='" & UsernameTextBox.Text & "'AND password='" & RadTextBox2.Text & "';"
Dim command1 As New MySqlCommand
command1.Connection = MySqlConnection
command1.CommandText = sqlquary1
Myadapter1.SelectCommand = command1
Dim mydata1 As MySqlDataReader
Try
mydata1 = command1.ExecuteReader
If mydata1.HasRows = 0 Then
thanks