Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

Registration
ok so i have a site where people can register and login which works now thanks to someone on here th

php libs/ browsercap.in
ok i have a host that refuses to stay current. they control my php settings and libs. is there a way

cURL Upload Help
OK, I am creating a bridge from a local program to my website and I am trying to find the best way t

Problem with coding MySQL query
I'm having heaps of trouble getting one of my PHP/MySQL queries to work for some reason (and the fun

how do i display data on a page from mysql
1 - do i use this code at the top of each of my page i wish to only alow access if there as been a s

Object Interfaces
EDIT: Never mind, I just updated to php 5.

Hey all,

I'm currently experimenting with p

Extracting Long text from message class with parameters
Hi,

I would like to extract the long text from a message class. However, the long text ha

PHP Surveys
I really would like some advice.

If you have a client come to you asking for a survey to be d

download directory onto C drive
I am attempting (if this is possible) to write a routine to automatically dump the contents of a dir

ORA-01017: invalid username/password; logon denied
Dear All,

I am facing problem in taken backup from db13 it comes up with the following l

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash