I have the following code that checks if a user-entered email already exists in the collection:
MongoDatabase authdb = DatabaseManager.GetDatabase("authdb");
var userDocuments = authdb.GetCollection<UserDocument>(UserDocument.CollectionName);
var doc = userDocuments.FindOne(new QueryDocument("email", email));
I'm a little that using a value (email) supplied by user is opening an opportunity for sorts of injections, kind of like SQL injection. Is it a real problem and how to approach it then?
Official docs are here.
http://www.mongodb.org/display/DOCS/Do+I+Have+to+Worry+About+SQL+Injection