Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

phpMailer not working ..........
HI,
I was playing with the phpMailer script and tried to send a smiple mail using their test scri

CURL question
i am wondering if it's possible to use multi curl with login something like

login once to web

Just cannot get 'area' to submit to db using same php code as already used
Basically all i have done is just modified some code and added an area section.
The form is allre

query based on 2 conditions
I want to select if the doc_type is either s OR f but this doesn't work:

Code: [Select]$query

RadioButtonList item spacing
I have a RadioButtonList and I can't put any spacing between the items. They are arranged verticall

LinkedList help
Ok so I just learned quickly about lists, so I have a not too hard project I think, but am having a

user validation always displaying invalid ? please help
Hello,

I have 2 accounts and there is a field in mysql called validated it can be either &quo

how can i display php source code snippets ?
I am outputting some pho code .. and I want to display the source code so people can copy and paste

problem with sql querry in php script
Hello guys,

What I want to do is I want to read out a csv file and then but te conent ot the

Splitting Attributes
SQL> SELECT I_NAME, substr(I_NAME,1,instr(I_NAME,'O')) "First part",

substr(I_NAME, IN

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash