Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);
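An added example, not part of the original post, written with Python's sqlite3 instead of the ADO.NET calls shown in the question: doubling quotes holds when the value lands inside a quoted string literal, but changes nothing when the value is concatenated into an unquoted (numeric) position, whereas a bound parameter is passed as data and never parsed as SQL. The table, rows and function names are constructed for the illustration.

```python
import sqlite3

def escape_quotes(value):
    # Same idea as Replace(inString, "'", "''") in the post.
    return value.replace("'", "''")

def make_db():
    # Constructed in-memory table with two sample rows.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [(1, "alice", "pw-a"), (2, "bob", "pw-b")])
    return db

def lookup_concat_string(db, user):
    # Quoted context: the doubled quote keeps the input inside the literal.
    sql = "SELECT username FROM users WHERE username = '" + escape_quotes(user) + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_concat_numeric(db, user_id):
    # Unquoted context: the input contains no quote, so escaping is a no-op
    # and the text after the number is parsed as part of the WHERE clause.
    sql = "SELECT username FROM users WHERE id = " + escape_quotes(user_id)
    return [row[0] for row in db.execute(sql)]

def lookup_param(db, user_id):
    # Bound parameter: the whole value is compared to id as a single datum.
    cur = db.execute("SELECT username FROM users WHERE id = ?", (user_id,))
    return [row[0] for row in cur]

def login_param(db, user, pw):
    # Named parameters, the counterpart of @username / @password in the post.
    cur = db.execute(
        "SELECT 1 FROM users WHERE username = :username AND password = :password",
        {"username": user, "password": pw})
    return cur.fetchone() is not None

if __name__ == "__main__":
    db = make_db()
    print(lookup_concat_string(db, "x' OR '1'='1"))  # escaping holds here
    print(lookup_concat_numeric(db, "1 OR 1=1"))     # escaping does not help
    print(lookup_param(db, "1 OR 1=1"))              # treated as one value
```

Quote replacement also depends on every call site remembering to apply it and on the database's quoting rules; parameters remove the string-building step altogether.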
