Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet
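The two approaches from the question, side by side, as an added example that is not part of the original post. It uses Python's sqlite3 module in place of the poster's ADO.NET code so that it runs without a database server; the table, column and function names and the sample rows are constructed for illustration.

```python
import sqlite3


def escape_quotes(value: str) -> str:
    # Same transformation as Replace(inString, "'", "''") in the question.
    return value.replace("'", "''")


def make_db() -> sqlite3.Connection:
    # Constructed sample data; the schema is hypothetical.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)")
    db.executemany("INSERT INTO users (username) VALUES (?)",
                   [("alice",), ("bob",), ("o'neil",)])
    return db


def by_name_concat(db: sqlite3.Connection, username: str) -> list:
    # Quoted string context: doubling quotes keeps the value inside the
    # string literal, so this particular query holds up.
    sql = "SELECT username FROM users WHERE username = '" \
          + escape_quotes(username) + "'"
    return [row[0] for row in db.execute(sql)]


def by_id_concat(db: sqlite3.Connection, user_id: str) -> list:
    # Unquoted numeric context: the input contains no quote to double,
    # so whatever text arrives is parsed as part of the SQL statement.
    sql = "SELECT username FROM users WHERE id = " + escape_quotes(user_id)
    return [row[0] for row in db.execute(sql)]


def by_id_bound(db: sqlite3.Connection, user_id) -> list:
    # Parameterized statement: the SQL text is fixed and compiled first;
    # the value is bound afterwards and is only ever treated as data.
    rows = db.execute("SELECT username FROM users WHERE id = ?", (user_id,))
    return [row[0] for row in rows]


if __name__ == "__main__":
    db = make_db()
    print(by_name_concat(db, "o'neil"))   # legitimate name with a quote
    print(by_id_concat(db, "1 OR 1=1"))   # escaping changes nothing here
    print(by_id_bound(db, "1 OR 1=1"))    # bound value matches no id
```

Quote doubling only protects values placed inside a quoted string literal. The bound parameter behaves the same way in every context because the value never becomes part of the statement text.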
