Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet
