Preventing SQL Injection

Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

Your Answer:

Login to answer

Other forums

Help with writing "$" with fopen
I just can't get my syntax correct. Could someone help me please? I am trying to write a connect fil

am I using this for loop correctly
Dear buddies!

Right now I am generating a report with some details for all the dealers.

cPanel API
Hi Guys,

Need a little guidance. I'm trying to get my script to communicate with cPanel (or W

Sessions work for me and not others?
I'm having a bit of bad luck with sessions. In the past they have worked fine for me, but this time

Linking with Foreign Keys
I have been getting an erro when I try and link:

create table Faculty_Specialty (I_Name v

Class not found error
I am getting Class 'index' not found in Eval function:

//write config

$pat

Generate multilayered array from string.
ok so i have a string that looks like this:
Code: blog:edit_all,delete_all|users:edit_all,delete_

user administration
Dear @all,

what I have to do to set the user defaults for new users. At the moment I woul

IIS & NW MII on the same server
Hi,

We're weighing the possibility to run both IIS and MII (NetWeaver) on the same server

Strange HTML Tag?
I recently noticed some odd HTML appear in some of the websites I host. Not all of them are run on a