Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL Injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);
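The two approaches from the question side by side, as an added example that is not part of the original post. It uses Python's sqlite3 module as a runnable stand-in for the ADO.NET calls in the question; the table, its rows and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [(1, "alice"), (2, "bob"), (3, "o'brien")])
    return conn

def escape_quotes(value):
    """Same idea as Replace(inString, "'", "''") from the question."""
    return value.replace("'", "''")

def by_name_escaped(conn, name):
    # Quoted string context: doubling the quote keeps the input inside the literal.
    sql = "SELECT id FROM users WHERE username = '" + escape_quotes(name) + "'"
    return [row[0] for row in conn.execute(sql)]

def by_id_escaped(conn, user_id):
    # Numeric context: no quotes surround the input, so quote doubling has
    # nothing to protect and the input is parsed as part of the SQL statement.
    sql = "SELECT username FROM users WHERE id = " + escape_quotes(user_id)
    return [row[0] for row in conn.execute(sql)]

def by_id_param(conn, user_id):
    # Parameterized: the SQL text is fixed and the value is sent separately,
    # so the database only ever treats it as data to compare against.
    sql = "SELECT username FROM users WHERE id = ?"
    return [row[0] for row in conn.execute(sql, (user_id,))]

if __name__ == "__main__":
    conn = make_db()
    crafted = "0 OR 1=1"  # constructed input that contains no quote at all
    print(by_name_escaped(conn, "o'brien"))       # escaping handles this case
    print(by_name_escaped(conn, "x' OR '1'='1"))  # stays one literal, no match
    print(by_id_escaped(conn, crafted))           # condition rewritten, all rows
    print(by_id_param(conn, crafted))             # compared as a value, no rows
    print(by_id_param(conn, "2"))                 # ordinary lookup still works
```

Quote doubling only covers input placed inside a quoted string literal; a parameter covers every position where a value is allowed, because the statement text never changes.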
