Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

url- go to webpage
i have an input text field and submit button.

how do i make the url entered into the textfiel

Take info from one coloum and move to another
Hi all,

I have this:
Code: [Select]$array = "SELECT stock_id FROM stocks WHERE stock_

How to file_get_contents when login required?
Hello!

I am trying to read data from a page that you have to be logged into to view, I am try

'grab_files', multiple extension?
hey guys,

can anyone suggest a way to make to following line of code look for files with more

whats wrong with my code please help!!!
this is the error


Warning: mysql_close(): supplied argument is not a valid MySQL-Link res

Links not updating
I'm trying to fuel a simple navigation system for a news section. It works fine when it comes to ret

Need help: how to catch acess of undefined class properties
Hello. I am learning OO with PHP and have hit a problem.
Some code runs as perfectly valid code,

fire away
i launched about 4 months ago as a lagit co. i have 2 paying clients, 1probono, 1 side progect, and

mysql query with single quotes in a variable
$sitedetails = "INSERT INTO vars (address, sitename, description, ownername, theme) VALUES ('$u

Force download script not handling files with spaces properly
I have a regular old php force download script, uses this code:

Code: header("Cache-Cont

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash