Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

php ajax - two drop down list with a submit button
i have created a form with 2 drop-down list and a submit button. I would like to know how to pass th

SQl num_rows problem
when i try to count rows from an SQL select i get an warning

Code: [Select]$countviews = mysq

need help with this contact form
I made this form and I need it to read the data and write the data to a table and its not working ca

Change Age automatically
hi guys . im new to php , is it possible to change age value in mysql automatically when year change

utl_file open error
i have file in the unix path

Path /popdev01/pop/popdevb/tfi/

File name

function to return url
Hi,

Can you guys help me giving a function that takes all the contents in a particular field

mysql VARCHAR acting like INT
Hi, All.

I have a table that contains a varchar(10) column named weird_field. In this column

PHP Mysql Staff Induction System
Hi there, I'm pretty new to PHP and Mysql so could really do with being pointed in the right directi

mail()
Hi all. I have a problem with emails. I am trying to set up a mail system where customers can subscr

Need help with some php code :)
Hey! I'm quite new to this whole thing, so please don't fire me with shait on this one =D

I'm

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash