I have a basic C# Windows Form that allows the user to update a specific field in our MySQL database from a Windows machine. What is the best way to check the string input values in the C# form in order to alter the string to include backslashes for commas etc., but also to protect against any form of SQL injection?
Many thanks.
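
A parameterized update for the scenario in the question, as an added example that is not part of the original post. It assumes Oracle's Connector/NET (`MySql.Data`) as the driver; the table `customers`, the columns `notes` and `id`, and the 255-character limit are hypothetical.

```csharp
using System;
using MySql.Data.MySqlClient; // assumed driver; the post does not name one

public static class FieldUpdater
{
    // Hypothetical limit matching an assumed VARCHAR(255) column.
    private const int MaxLength = 255;

    // Returns true when the statement reports exactly one row.
    public static bool UpdateField(string connectionString, int recordId, string userInput)
    {
        if (userInput == null) throw new ArgumentNullException(nameof(userInput));

        // Validate for business rules only (presence, length).
        // No manual escaping: commas, quotes and backslashes are stored verbatim.
        string value = userInput.Trim();
        if (value.Length == 0 || value.Length > MaxLength)
            throw new ArgumentException("Value must be 1 to 255 characters.", nameof(userInput));

        // Table and column names are hypothetical. The SQL text is a constant;
        // user data only ever travels as parameter values, never as SQL text.
        const string sql = "UPDATE customers SET notes = @notes WHERE id = @id";

        using (var conn = new MySqlConnection(connectionString))
        using (var cmd = new MySqlCommand(sql, conn))
        {
            // Typed parameters: the driver handles quoting and encoding.
            cmd.Parameters.Add("@notes", MySqlDbType.VarChar, MaxLength).Value = value;
            cmd.Parameters.Add("@id", MySqlDbType.Int32).Value = recordId;

            conn.Open();
            return cmd.ExecuteNonQuery() == 1;
        }
    }
}
```

Granting the application's database account only `UPDATE` on the one table it needs limits the impact of any mistake elsewhere in the form.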