Preventing SQL Injection

Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

Your Answer:

Login to answer

Other forums

How to make a mail Form secure?
I want to create an email Form on my web site. How can I make the Form secure so the submitted info

foreach and array need help combining
Hi guys.

Here's the code

Code: array(
'tag' => 'code',<

mysq_num_rows
Hi,

I want to use:

Code: if(mysql_num_rows($ergebnis2)==2)
how can the value 2, be

constructor ?
i have written this program and made 3 constructors in the class and i want to call them in the main

ASP.NET Validation Event Cycle
Hi,
I have asp button as follow:

max function question
Hi All
Ihave a table that holds shipment numbers and dates like this

select * from

SAP Management Console is blank
Dear All ,

I am facing problem in my des sever suddely in SAP Management Console is blank and

Mail Form receiving emails with no content
Hi, I hope someone here can help me.
I have a simple form in my website, it was working OK, after

PHP Include w/If IE Condition Statement?
I was having a problem with Internet Exploder (big surprise, right?) displaying my drop down menus i

TinyMCE / Ajax Postback Problem
Hiya all,

I have a page which loads the TinyMCE editor. On the postback I obviously want to f