Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);
