Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);
