C#•3y ago

❔ Is this enough to clean a database entry?

I'm entering user-defined text into an SQL table but dont want my tables getting dropped. Does this work?

if (unsafeText.Contains('\'', '\"', '`'))
                {
                    //give error message
                    return;
                }

if (unsafeText.Contains('\'', '\"', '`'))
                {
                    //give error message
                    return;
                }

if (unsafeText.Contains('\'', '\"', '`'))
                {
                    //give error message
                    return;
                }

if (unsafeText.Contains('\'', '\"', '`'))
                {
                    //give error message
                    return;
                }