Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL Injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);
