Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

update 2 columns by doing inner 2-column query
Hi,
is something like this possible?

update contract_all set col1,col2 =
(

System copy error in RUN ABAP REPORT PHASE
Hi,
I am performing system copy on my test server. I have previously taken export of JAVA + A

Logging and nologging bulk insert
Hi,

oracle version: 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production

File upload issues
Hi Guys,

Can anyone see any issues with this code:
Code: [Select]$setImage= 'productimages

Error in write byte array into document in SM58
Hi Gurus,

Getting the following error status in Transactional RFC (SM58) ..... *Error i

Add a sign-up feature to a flat file login script
I'm working on a flat file login script and I would like to add a sign-up feature to it with a email

please, need help coding this voting for your favorite car polling system.
hi, my code needs a lot of work, but i want to be able to let users vote on their favorite car, upda

TemplatePower & AJAX
Hi all,



I'm currently implementing some AJAX features in my PHP-framework (which is b

help need on ob_start()
Hi

I am a newbie in php, I have a code
Line number On/Off | Expand/Contract <?phpo

present value of sequence?
Hi

Please help me to find out the present value of sequence?

Thanks

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash