Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

Day of week
I am using PHP version 5.0.5
I have a varaible ($DATE (date format yyyy-mm-dd)) that is being inc

with clause
hi all, i have a big query that usually access the same table more than once. for example, i have s

Php If in MySql query (hiding labels if a field is empty)
Okay, I've been trying to do this for a while, and I'm finally going to ask for help so I can get th

Displaying data from database into a 2 dimensional table
Good day!

I'm a beginner in PHP and I'm not expecting a full coding for this qestion. I'm jus

first few characters only
hi, does anyone know how to use PHP to take the first few words of a text and limit them? i have see

HOW to get the bind variables list.
I've the following problem : I've some SQL queries stored in my DB as VARCHAR2 values.
I need t

extending tidy
I have problem with type-hinting and extending tidy. This code creates error:
Code: class cMyTidy

PHP Function Page Advice
Hi All, I am quite new to PHP and Javascript but have written an Online Shop (Mainly for Fun and edu

Internal Server Error issues
This has been bothering me for weeks and I've been trying to solve it without asking for help, but e

Values disappear from my array :( HELP!
hey all, I have a lil mysql/php/apache script that queries a database
and pulls put 5 integers.

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash