Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

form problem
Hi all, I think this is going to be easy to resolve but for I have been looking at it to long and I

Looping Problem
I've got a client that has a database with about 200 events at any given time. I'm trying to loop t

Javascript or not?
How many people prefer javascript/ajax sites? How many prefer the good old fashion straight php sit

How to read CSS message data
Hi,
I have a requirement here. When working as a Dev angel for multiple customers its really di

Add 5 to a variable when a button is clicked, and re-run a for loop
So I'm making a feedback sort of section on a website with MySQL and PHP, I've gotten the script to

Spaghetti Code
So.

I've pretty much reached the point where I have so many isset s on one page that I can't

timezone change with date()
so i put all my times for posts in my made from scratch forum(not phpbb3 or sm)
in my mysql db u

Adding to the next element in a multidimensional array
Hi, I'm trying to add a value to $node->field_spaces['nid'] where x is the next available spo

PHP Code To Change Font Color in Table Cell
I would appreciate help with the following snippet of my php code. I am just trying to change the f

private constructor
Hello,

Can we create a constructor as private? If yes, what is the use of it? If no, why can'

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash