Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

array & querys help/advice.
Ok so here goes , I have a mysql database and basically here's what I need to do.

// foreach

str_replace help
I am thinking str_replace is my only option to filter outputs from my database to convert them to sa

How to ask a regex question?
Hi, I thought I'd share some of my insight after seeing too many bad questions that either get ignor

need help with date function
i have following form for date

Code: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01

Output Buffering question
Hi all,

I've been trying to wrap my head around output buffering. So far I've found tons of

Secure pages Sessions vs. Cookies & session_destroy() help
Im new here and new to PHP, I hope you can help me with some questions.

Im writing my web ap

Remote Database Access
Hey guys!!

OK, i'm used to only working with databases from the CPANEL, accessing phpMyAdmin

Option box to change variable
Hello, i need help by making a script!

I need to write a file with option box, so a dropdown

Lack of simpleXML Documentation
What is up with this.

Look at: http://www.php.net/manual/en/function.simplexml-load-file.php<

Progress bar tracking file downloads
Hey guys, was wondering if there was a way to track how far a file has been downloaded. I know there

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash