I'm attempting a login form in VB.net, when I attempt to use the login form . For example, this exact query leave it open to sql injection. with a .