Preventing SQL Injection

Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

Your Answer:

Login to answer

Other forums

writing my own sobel filter convolution - something is wrong
I am trying to keep it very simple, I cant see anything wrong with my logic, could anybody help poin

PHP, jAVASCRIPT setting input values, why isn't it working?
Hi:

I am calling this javascript:
<script language="javascript">

Random Number Generation And Probability
Hello, I am working on a function which has to insert data into a SQL table.

we have to suppl

max function question
Hi All
Ihave a table that holds shipment numbers and dates like this

select * from

IIS7 and getimagesize() problem
I have just discovered after hrs of trying to fix a problem where it's coming from. It's to do with

SWF image using php?
Hello once again.

My latest en devour requires me to produce an image of a static .swf that i

Escaped characters
I have a script that allows you to post news to the home page of my site. Along with the news is the

Multidimensional Array into an Html table, help!
Hello all, I am new to HTML/PHP so any help would be great.

I have a multidimensional array f

Optimize Code
Just started getting into the use of cookies. The following code will redirect users to a set URL s

php mailer
How can i send a mail to large no, say 50,000 reciepients using [color=#0000FF]php mailer[/color]