Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL Injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet
