Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);