Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

Help with simple query
Hi,

I'm trying to do a Query with a Union where I want to print the number of rows $tc conta

Error querying database.
I get the above error when trying to insert some values to a datatable.
Here's the code :

Pls help with PHP
Pls can anyone direct me on how to create a user account for a customer. For example i want know if

Sessions work for me and not others?
I'm having a bit of bad luck with sessions. In the past they have worked fine for me, but this time

Having Problem with Date
l have a submit buttom where user have the possibility to add a date to specify when his message s

Set Categories
I am creating a submission form for somebody to come in and submit products. These products are sep

Streaming local file from PHP while it’s been written to by a CURL process
I am creating a simple Proxy server for my website. Why I am not using mod_proxy and mod_cache is a

help connecting a form to php and then emailing the form
Ok. So, I made a form, and I need help to where when submitted, I get an email with the submitted de

Beginner PHP code help
Hi I'm new to php but if someone could please read the question below and help it would be great.

$_POST variable un-useable
I'm trying to use a $_POST variable in a mysql update statement but i can't use it for some unknown

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash