Preventing SQL Injection

Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

Your Answer:

Login to answer

Other forums

Dealing with code in db query
I am dealing with C code and I need to make sure it is encoded some how to ensure its integrity and

Using the $_GET variable to view certain records
Hello,

First let me explain my problem, I have 2 pages the first page pull a list of Guide ti

Problem with an browser game.
Hello,i just joined that great forum and i got php prob,its kinda freaky...anyway i got browser game

classic dynpro : hide area and auto adjust hights
Hi,

I want to develop a similar user interface as is used in standard transaction MIGO.

php/mysql auto logout after 2 hour and reset password
Hi all,

This I hope will make sense. I've the following code which when a user logins in, cr

have trouble in a if condition
The if below is working ok, it check when indexes, name, zipcode and state are empty.
Code: &

Using cURL to PUT
Can somebody help with the correct php code to make a cURL PUT request. Here is a sample of code bel

Credit card verification
I have a client who wants to process credit card transactions from his web site rather than the goin

Thought I has this figured out especially after all the help i received?
Cags, Salathe, Daniel helped me with this yesterday, but not sure i took it all in.
I am attempti

Formatting echo from database
So I have a database that stores First and last names, then echos them back to a website, as of now