Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

Xacute search within SQL results
I have a query that is pulling data, and I want to return a specific value from the results of that

HTML form problem
Ive made a form to that i want to send to my email via PHP. but when it send only the name's etc sen

how to insert value
I am having file bookissueadd.php..... in which i am having tag

<td height="21&q

Help With editting and deleting form
Hallo !!

So look at this image :

http://img194.imageshack.us/img194/8272/snapshot5f.pn

Timer control causing error
I recently decided to add a timer control to an existing page that uses AJAX on my site. As soon as

C - Reading a file into a byte array
Hi,

I'm trying to read a file into a byte array in C. I have to use C as this is for a loadru

Entering Data Problem
Code: $result = mysql_query("SELECT * FROM flights");
while ($row = mysql_fetch_array($

Can't find the problem (no error message)!
OK, here's the deal. This code is really weirdly formatted (sorry!) and hard to understand, so I'm g

Protecting forms
Alright, I want to protect some forms of mine from SQL Injections, because I had someone earlier spa

Add trigger to UpdatePanel programmatically
Hi,I'm working on a website which uses AJAX and Masterpages. What I have is an AJAX UpdatePanel whi

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash