Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);