Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);
