Preventing SQL Injection

Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

Your Answer:

Login to answer

Other forums

Motivational Posters
Hello,

I wonder how can i do them in php. Are there any sample codes that you can show me?

need a script for 3 pages
I have a customer who wants me to set up a site with a number of pages with the following requiremen

Cron Job and Output
I have php codes running under a cron job.
But everytime i output (echo) , it comes out as comple

Multiple Pages
Hi. Im very new to php. I'm trying to create a basic login/registration page.

So I have a bas

Revoking alter any table from a schema
Hi All,

i am working in Oracle 10g.
my requirement is to revoke all kind of DDL oper

Best PHP Documentation generator
Hello guys!

I would like to hear from you what is the best PHP documentation generator. Perso

Comma seperated implode & modifying returned string.
I have a PHP post form that posts up to 4 variables. I need whatever variables are passed to be comb

ASP.NET 2.0 - Enter Key - Default Submit Button
Hi,One of the most annoying things in developing web pages is handling the "Enter key" for form subm

Function
How can I make this function that once you click the link in the code it takes you to a new page wit

Help With Showing Users On the Index Page
Ive got this code which works just how i want it to.

Code: <?
$timenow=time();