Preventing SQL Injection

Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

Your Answer:

Login to answer

Other forums

Socket problem
Hello,

Earlier I posted about my problem with my socket script. It took up to 100% CPU usage.

Custom Container in module pool program
Hello everyone,

I have created a custom control in my module pool screen. Now I want to s

count only commas outside parenteses
I have a sql table containing
id - query - query name
the first page contains a drop down men

Disabling SAP menu
How do I disable SAP menu for all the users and just restrict them to User Menu in SAP ECC 6.0?

have trouble in a if condition
The if below is working ok, it check when indexes, name, zipcode and state are empty.
Code: &

why this query can delete duplicates ?
why this query can delete duplicates ? Anybody can give me the detailed explanation ?

Tha

PRotect my POST DATA... FROM HTML ATTACKS
I need to like let's say

If a user submit's his Prayer and he put's <meta refresh stuf

TabControl Inside ListView Not Editing
Hello everybodyI have a ListView on my page. Inside the ListView I put a TabControl, cuz I want to p

Can we convert non uni code system into unicode
Hi All,

Presently i am using non-unicode system and the sap version is 4.7.
Can i c

Best PHP Documentation generator
Hello guys!

I would like to hear from you what is the best PHP documentation generator. Perso