Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

using file_get_contents??
okay how would i create a script using file_get_contents() in php have it grab search pages 1-20 and

. and .. appearing instead of pictures
First of all, thanks very much for providing this forum. It is very much appreciated!

My son

Revoking alter any table from a schema
Hi All,

i am working in Oracle 10g.
my requirement is to revoke all kind of DDL oper

How to submit a form to the same page?
I have a table containing information about books in my library and this table has the following col

Filename like the user name
I am creating a form and storing the values in file. Could anyone please tell me how to write a code

need help in dynamic select menu in php
hi i have created a dynamic select menu using php. i have a problem in that which is when the user s

images aren't rendering
I'm trying to call a JPG file from within PHP (in an effort to hide the actual JPG folder). The imag

MYSQL gen help
This is my Mysql gen. can anyone tell me why this echos

MID(networkset.networkid, 3, 3) AS &q

Problem Dereferencing
With these types and tables:

CREATE TYPE MANAGER AS OBJECT (
MGR_ID INTEGER,

How to assign JS screen.width to ASP.Net variable
I've got this ASP.net routine that gets the cookie value of the screen width, but now I need to chan

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash