Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL Injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);
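The two approaches from the question, side by side, as an added example that is not part of the original post: quote doubling only protects a value that sits inside a quoted string literal, while a bound parameter is sent separately from the SQL text and is never parsed as SQL. Python's sqlite3 stands in for the ADO.NET code here; the table, sample rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data, held in memory only.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [(1, "alice", "pw-a"), (2, "o'brien", "pw-b")])
    return conn

def escape_quotes(s):
    # Same transformation as Replace(inString, "'", "''") in the question.
    return s.replace("'", "''")

def names_by_id_escaped(conn, id_text):
    # Weak form: the value is concatenated into a numeric context, so there
    # are no surrounding quotes for the doubling to protect. Input that
    # contains no quote at all passes through escape_quotes() unchanged.
    sql = ("SELECT username FROM users WHERE id = "
           + escape_quotes(id_text) + " ORDER BY id")
    return [row[0] for row in conn.execute(sql)]

def names_by_id_param(conn, id_text):
    # Corrected form: the SQL text is fixed and the value is bound to the
    # placeholder as data, whatever characters it contains.
    sql = "SELECT username FROM users WHERE id = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (id_text,))]

def login_param(conn, user, pw):
    # Equivalent of Parameters.AddWithValue("@username", user) and
    # Parameters.AddWithValue("@password", pass): no manual escaping needed,
    # and a legitimate apostrophe in a name is handled correctly.
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (user, pw)).fetchone()[0] == 1

if __name__ == "__main__":
    conn = make_db()
    crafted = "0 OR 1=1"  # constructed input with no quote characters
    print("escaped:      ", names_by_id_escaped(conn, crafted))
    print("parameterized:", names_by_id_param(conn, crafted))
    print("login o'brien:", login_param(conn, "o'brien", "pw-b"))
```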
