Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);
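An added example, not part of the original post: it compares the quote-doubling `Replace` from the question with a bound parameter, in a quoted string context and in an unquoted numeric context. It uses Python's built-in `sqlite3` as a stand-in for the ADO.NET command in the question; the table, the rows and all function names are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; an in-memory database so the example runs offline.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    db.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "a-secret"), ("o'brien", "b-secret"), ("carol", "c-secret")],
    )
    return db

def escape_quotes(value):
    # Same transformation as Replace(inString, "'", "''") in the question.
    return value.replace("'", "''")

def by_name_escaped(db, name):
    # String context: the doubled quote keeps the value inside the SQL literal.
    sql = "SELECT username FROM users WHERE username = '" + escape_quotes(name) + "' ORDER BY id"
    return [row[0] for row in db.execute(sql)]

def by_id_escaped(db, user_id):
    # Numeric context: the value is not wrapped in quotes, so the database
    # parses it as SQL. Input without a quote character passes through
    # escape_quotes() unchanged and becomes part of the WHERE clause.
    sql = "SELECT username FROM users WHERE id = " + escape_quotes(user_id) + " ORDER BY id"
    return [row[0] for row in db.execute(sql)]

def by_name_param(db, name):
    # Parameterized: the SQL text is fixed and the value is bound separately,
    # so a quote inside it needs no escaping and is never parsed as SQL.
    sql = "SELECT username FROM users WHERE username = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (name,))]

def by_id_param(db, user_id):
    # Parameterized: the whole input is compared to id as one value.
    sql = "SELECT username FROM users WHERE id = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (user_id,))]

if __name__ == "__main__":
    db = make_db()
    print(by_name_escaped(db, "o'brien"))   # escaping works in a quoted literal
    print(by_id_escaped(db, "0 OR 1=1"))    # escaping does nothing here: every row matches
    print(by_id_param(db, "0 OR 1=1"))      # bound as data: no row has that id
    print(by_name_param(db, "o'brien"))     # quote handled without any escaping
```

The parameterized versions behave the same in both contexts because the query structure is fixed before the value is supplied, which is the property `Parameters.AddWithValue` provides in the question's second snippet.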

No comments posted yet
