Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

Not capturing all the information we require in the form.......
Hi Guys,

I was wondering if you would share some more of your knowledge today, I'm hoping it

PayPal Redirect Issue
When I have my paypal button set so that is redirects to http://empiremarketing.ca/order.php,it work

MySQL Primary key gap
Alright, so I have a table with 26 entries in it (id, filename, caption) for my image randomiser (ht

Apart from cron
I need to run a php file every one hour. Is there any other solution apart from cron job?

Curly Bracket Delimeters.
I'd always believed that the starting and ending delimeters in preg_ functions had to be the same ch

error checking breaking my code
Hi there, OK first of all, big apologies for what I assume is really fundamental errors in the struc

CHECK A STRING FOR ' " ' (DOUBLE QUOTES)
I am checking for delimiter (.!?) and if there is a " after a sentence then it should neglect a

PHP code needed to get/post form fields and request mysql query results.
I'm new to PHP

I've created an html form to allow the user to request a basic telephone dire

php include email form with attachment
I have had no luck with finding a email form all over the Internet for various reasons. Some insecur

Change Sort Order to Display Newest File First
Hi Guys,

I have a page that sorts the contents (PDFs) of a directory and displays them on the

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash