I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
error reporting
hey everyoneI have a production server in which I want error reporting but only on some pagesI haveini_set('display_errors', 1);ini_set('log_errors', 1);ini_set('error_log',
Using the $_GET variable to view certain records
Hello,First let me explain my problem, I have 2 pages the first page pull a list of Guide titles from a database for example if i had a guide called "Install windows" it would be pulled from
Windows 7
Windows 7 default user account control worries experts. Corporate IT departments should be pleased with new security measures in Windows 7, but consumers are still at risk of getting hit by malware
Output Full URL of Current Page
Let's say I am currently viewing a dynamic page: http://www.mydomain.com/directory/index.php?type=flowers I want this URL to be output on the page, but not including the end parameters.
ECC6 - Single sign-on
We are in the process of upgrading to ECC 6 which will support single sign on with user passwords aligned by our active directory to the same as those used to access the Network. My query is that we
How to search for several parameters from objects in a database?
I have a database with lots of information about objects.Now I would like to search for 4 or 5 parameters at the same time (from a form) like this:I choose from a select-box one parameter and then
Edit MySQL Row Using PHP and HTML Form
Hello,Here's what I'm trying to do. Build a page where a user enters a MySQL row number in. Then, a new page appears with an HTML form where the user can edit the information in that row. Like for
I am stumped
OK. Here is what I am trying to do. I have the conditions set, and if the conditions are met, I want to randomly find a user id, and username from a table, and then store each of these names in the
Finding digits in variable containing text, and IDing them
$romanstock = "http://www.remoteprice.com/data.asp?storeid=123&itemcode=456&type=2";$contentsstock = file_get_contents($romanstock);The above code, when rendering
phpMailer will not connect using SMTP
I am trying to use phpMailer with smtp:Code: [Select]$mailer = new PHPMailer();$mailer->IsSMTP();$mailer->Mailer = "smtp";$mailer->SMTPSecure = 'tls';
