检查这些链接

http://en.wikipedia.org/wiki/SQL_injection [ http://www.unixwiz.net/techtips/sql-injection.html [ ^ ]

http://www.programmerinterview.com/index.php/database-sql/sql -injection-example/ [ ^ ]

Check these links

http://en.wikipedia.org/wiki/SQL_injection[^]

http://www.unixwiz.net/techtips/sql-injection.html[^]

http://www.programmerinterview.com/index.php/database-sql/sql-injection-example/[^]

这取决于您的sum变量值的初始化位置.

通常，如果将诸如文本框"之类的用户输入控件中的值连接到普通SQL查询中，则会增加出现" SQL注入"威胁的可能性.

请查看以下链接以获取更多信息.
http://msdn.microsoft.com/en-us/library/ms161953.aspx

http://msdn.microsoft.com/en-us/library/ff648339.aspx

It depends from where value of your sum variable has been initialized.

Generally in case when values from user-input controls like "Textbox" are concatenated to plain SQL Queries then it increases the possibility of threat of "SQL Injection".

Have a look at below links for more information.
http://msdn.microsoft.com/en-us/library/ms161953.aspx

http://msdn.microsoft.com/en-us/library/ff648339.aspx