Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

DOMDocument
Hello All,

I need to take an XML document, modify some of the nodes in it and then perform a

Casting Decimals in Oracle
This code worked as a query in DB2, but I am not sure what the syntax is for casting decimals in Ora

Progress bar tracking file downloads
Hey guys, was wondering if there was a way to track how far a file has been downloaded. I know there

ORA-01655: unable to extend cluster SYS.C_FILE#_BLOCK# by 128
Hi all,

Oracle 10g. Linux.

I'm facing the below error while trying to import a dumpfil

Values disappear from my array :( HELP!
hey all, I have a lil mysql/php/apache script that queries a database
and pulls put 5 integers.

Something Non-Traditional. Can we solve?
I have an idea for an application here. It's mostly flash, but it couldn't work without a somewhat n

Oracle Text CTX_DOC.snippet slow
I have a table (FILE_TABLE) that contains a blob column (ft_file) and I have created the following O

remove innitial

and

tags
i am using tiny_mce as a text editor for my CMS.
buy now the problem is it add <p>

Storing Values taken from a DB...
Using this code it will generate a short list from my database

<?php
mysql_connect

2 things: enter doesn't work in IE & empty form
i have this search form that works well except for 2 things.

1) on IE when i hit enter instea

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash