Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

GET vs SUBMIT Button to show sections on one index.php page?
Just curious if one of these ways is better (i.e. more efficient) than the other.

I have a

Oracle Connectivity
Hi Every One,

Can we access SAP from oracle database.If it possible then please spec

Connecion issue
Hi,

For some reason, I keep getting this error when trying to connect:

Warning: mysql_

xApp Analytics in BI 7.0
Dear all,

I am trying to implement xApp Analytics in BI 7.0. After I installed the analyt

Call db table from any PHP file
Hi,

I want to be able to call a database table that will be setup in another file called init

Get last modified date of web page
Hai All,

In php how can i get last modified date of a give web page . I have tried to g

This is driving me nuts!
This insert query looks to be alright, however I get this error:

QuoteYou have an error in yo

Display error above the login forum help!
Hi guys. just so you know im not asking for someone to do this for me I just need to be pointed in t

HTML form problem
Ive made a form to that i want to send to my email via PHP. but when it send only the name's etc sen

MII Netweaver Server stopped due to CPIC connection Problem
Dear Experts,
We have SAP XMII 12.0 setup running on Netweaver 2004s,7.0, Java Stack only.

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash