I have asp.net site which uses ACCESS as the backend. I have set up the code to make updates in the database from straight SQL commands in the .net page. I want to update the pages in order to prevent SQL Injection. I see how to do an insert by using the following syntax: cmd.Parametaddwithvalue but do not know the syntax for an update query. Can someone help? Thanks!