Updated

SqlTester/Webtester/Pages/Index.cshtml

@@ -7,4 +7,8 @@
 <div class="text-center">
     <h1 class="display-4">Welcome</h1>
     <p>Learn about <a href="https://docs.microsoft.com/aspnet/core">building Web apps with ASP.NET Core</a>.</p>
+    <form method=post>
+        <input type="text" width="200" name="test" id="sql1" />
+    </form>
+
 </div>

SqlTester/Webtester/Pages/Index.cshtml.cs

@@ -1,21 +1,76 @@
 using EonaCat.Sql;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
+using System.Text.Json;
 
 namespace Webtester.Pages
 {
     public class IndexModel : PageModel
     {
         private readonly ILogger<IndexModel> _logger;
+        private static bool getDone;
 
         public IndexModel(ILogger<IndexModel> logger)
         {
             _logger = logger;
         }
 
-        public void OnGet()
+        public void OnGet(string test)
         {
-            TestsqlServer();
+            if (test != null)
+            {
+                TestInjection(test);
+            }
+        }
+
+        [HttpPost]
+        public void OnPost(string test)
+        {
+            if (!getDone)
+            {
+                Console.Clear();
+                Console.WriteLine("Testing for injections:");
+                getDone = true;
+            }
+            TestInjection(test);
+        }
+
+        private void TestInjection(string text)
+        {
+            var result = SqlHelper.ExecuteQuery(
+                new Microsoft.Data.SqlClient.SqlConnection(@"Server=localhost;Database=NorthWind;User Id=sa;Password=jeroen;TrustServerCertificate=Yes;"),
+                $"SELECT * FROM Customers WHERE Country = @0", true, text);
+
+            if (!result.HasResult)
+            {
+                if (result.IsExecutedToDatabase)
+                {
+                    WriteAsync("[EXECUTED TO DATABASE] No valid result!");
+                }
+                else
+                {
+                    WriteAsync("No valid result!");
+                }
+            }
+            else if (result.IsExecutedToDatabase)
+            {
+                if (result.HasRows)
+                {
+                    WriteAsync("VALID: " + JsonSerializer.Serialize(result.DataSet));
+                }
+                WriteAsync($"The SQL input was '{text}'");
+            }
+
+            if (result.HasException)
+            {
+                WriteAsync("Exception found: " + result.Exception);
+            }
+        }
+
+        private async Task WriteAsync(string v)
+        {
+            System.IO.File.AppendAllText("test.txt", DateTime.Now.ToShortDateString() + ":" + DateTime.Now.ToShortTimeString() + ": " + v);
+            Console.WriteLine(v);
         }
 
         private static async void TestsqlServer()
@@ -52,7 +107,6 @@ namespace Webtester.Pages
                     Console.WriteLine(result.Exception);
                 }
             }
-            Console.ReadLine();
         }
     }
 }

SqlTester/Webtester/Program.cs

@@ -1,3 +1,5 @@
+using Webtester.Pages;
+
 var builder = WebApplication.CreateBuilder(args);
 
 // Add services to the container.

SqlTester/Webtester/Webtester.csproj

@@ -12,7 +12,7 @@
 
   <ItemGroup>
     <Reference Include="EonaCat.Sql">
-      <HintPath>..\..\..\EonaCat.Sql\bin\Release\net6.0\EonaCat.Sql.dll</HintPath>
+      <HintPath>..\..\..\EonaCat.Sql\bin\Debug\net6.0\EonaCat.Sql.dll</HintPath>
     </Reference>
   </ItemGroup>