Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL Injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet
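
An added example, not part of the original post, written in Python with sqlite3 standing in for the ADO.NET calls in the question (the table, rows and function names are constructed for illustration). It shows that quote doubling keeps input inside a quoted string literal but does nothing where the value lands in an unquoted numeric position, while a bound parameter is never parsed as SQL in either position.

```python
import sqlite3

def make_db():
    # Constructed sample data for this example only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [(1, "alice", "pw-a"), (2, "bob", "pw-b")])
    return db

def escape_quotes(s):
    # Same idea as Replace(inString, "'", "''") in the question.
    return s.replace("'", "''")

def login_escaped(db, user, pw):
    # String context: doubled quotes keep the input inside the literal.
    sql = ("SELECT id FROM users WHERE username = '%s' AND password = '%s'"
           % (escape_quotes(user), escape_quotes(pw)))
    return [r[0] for r in db.execute(sql)]

def lookup_escaped(db, user_id):
    # Numeric context: no quotes surround the value, so doubling quotes
    # changes nothing and the input is parsed as part of the statement.
    sql = "SELECT username FROM users WHERE id = " + escape_quotes(user_id)
    return [r[0] for r in db.execute(sql)]

def login_param(db, user, pw):
    # Parameterized: the statement text is fixed; values are bound separately,
    # like Parameters.AddWithValue("@username", user) in the question.
    sql = "SELECT id FROM users WHERE username = ? AND password = ?"
    return [r[0] for r in db.execute(sql, (user, pw))]

def lookup_param(db, user_id):
    # The bound value is only ever compared as data, never parsed as SQL.
    sql = "SELECT username FROM users WHERE id = ?"
    return [r[0] for r in db.execute(sql, (user_id,))]

if __name__ == "__main__":
    db = make_db()
    hostile_text = "' OR '1'='1"   # constructed input containing quotes
    hostile_num = "1 OR 1=1"       # constructed input containing no quotes
    print("escaped, string context :", login_escaped(db, "alice", hostile_text))
    print("escaped, numeric context:", lookup_escaped(db, hostile_num))
    print("bound, string context   :", login_param(db, "alice", hostile_text))
    print("bound, numeric context  :", lookup_param(db, hostile_num))
```

Quote doubling also depends on every call site remembering to apply it; binding parameters removes that dependency because the query text never contains user input.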
