I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
Need help with a mail notify function
I was tasked with setting up a site that's been prewritten. The site is basically a form that captures user's info on the frontpage. All the code is there except the ability to notify the admin upon
Problem assigning value to variable in "IF" function
Does this script makes sense? I am trying to take the value that is set to "authenticat" and write it to authentication.I think it is getting messes up by the $authenticat = "1"
Can php detect connection speed and thereafter swap out elements?
No code to post, lads, yet. Just looking for a yay or nay at this stage:Can a php script be written to make a judgement call on whether or not to display a flash animation or *jpeg based on a
Help with looping
I have a comma separated list of colors taken from a database ($ICo) and a directory of images named "color". The images are named the "color.jpg"I am attempting to loop through
question about header() security
is is safe to just use the header() function to redirect someone if they are, say, not logged in? or should i always put a die() function underneath the header() function?
PHP switch function help
Hi, I am trying to create a search function for a directory website. On the search function on html page I have a dropdown menu. From this you can select one OF 3 options - shoes, handbags, shoes and
retrieving images from mysql database using php
So I've been trying to figure out how to store images in a mysql database, and as far as i can tell the images are stored but getting them out seems to be the problem. when i try to go to the page on
php automatically escaping single quotes
I'm trying to test out my security a bit and I've noticed that php is escaping my single quotes. For instance I enter x' OR 1=1-- in a form and the output it gives me is x\' OR 1=1--.Is there a
ldap connection
We are using ldap to get user information from the domain controller. It was working before. Recently I found the application is hanging at ldap_connect. It doesn't return any message. i am not sure
Tree Menu
Hi guys,Can anyone help me making a tree navigation system? I have a site where I'm allowing users to upload their files to share with each other. They can create folders, but I'm having real
