Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

PHP & Images [Resize, Crop, Save]
Hey! Well I have a little dilema, hoping I could find some guidance.

I have a CMS and on the

foreach result into a single variable
Hi,

I have this code...

Code: [Select]foreach ($_POST['Interests'] as $interest =&

Filtering an Array Based on Value
I have a very simple script set up that pulls data from a database and is output using this code:

Need help to modify php ELSE code
I'm trying to find a way to have the php code display a message if there is no inventory listed in t

image upload, resize THEN submit form
Ok so I have a form that requires the user to upload an image, and then do something with that image

Access website from only 1 computer...?
One of my customers wants his website to only be accessed by people in which they bought the website

Converting RGB values to HEX
Code: <?PHP

$file_handle = fopen("colors/rgb.csv", "r");

wh

Help on query replacing the date
Hi Pals,

i want to replace the current date in a column to some value say C or D or any n

ereg_replace()
Basically what i need to do is

$title = "This Suck's"

$striped = ereg_repl

javascript in php code causes page to display white
Hi All,

Odd one this, I've got the following code (below) which is a simple log in form. The

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash