Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL injection. In some of our code we use this:

Replace(inString, "'", "''")

Does this prevent all forms of SQL injection? Also, what exactly do parameterized statements do?

myCommand.Parameters.AddWithValue("@username", user);
myCommand.Parameters.AddWithValue("@password", pass);
