Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

send() and recv() parameters confusion
On server Side:
int recv (Socket,Buffer, Length, Flags)
On Client Side:
int send (Soc

upload control not working with update panel
Hi,

I am working with Asp.Net FileUpload control with ajax update panel,

if i use the

Hyperlink is adding an extra gap to variable
Hi, here's my problem..

I have a php generated page with a hyperlink which opens in a new win

Casting Decimals in Oracle
This code worked as a query in DB2, but I am not sure what the syntax is for casting decimals in Ora

Problem displaying "scraped" XML data
I'm basicly having trouble displaying XML data scraped from an URL using cURL.

What the code

Multiple Options for a Single Page
For this example I want to use the Handlers option which is under Fed Admin and all the related codi

Php If in MySql query (hiding labels if a field is empty)
Okay, I've been trying to do this for a while, and I'm finally going to ask for help so I can get th

This must be easy , pulling the last record of the day, every day, from a txt
I have a txt file logging weather data every minutes (so 1 record per minute). I want to extract the

Dynamic memory problem
Hey,

At the beginning of my code, I have this line:

Shape* gShape = 0;

Format timestamp from mysql
When I tried this:
Code: date("m/d/Y H:i A", $row['timestamp'])
I got 12/31/1969 18:

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash