I have some Classic ASP code with SQL Statements that are being hacked by sql injections. I just need help converting some of these statements to non-hackable queries.
My sql statements are fairly basic. Essentially it is grabbing variables from a form and then getting the results from the database.
For example, a form will ask someone to fill out Subdivision, City, Bedroooms, Baths, Price, etc. That information is then passed to ASP page to get results from MS SQL database .
I can deliver the current ASP page with sql queries so you can re-write.