Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

Contact Form Not Working When I Add Validation Codes
So I built my first working PHP "Contact Us" like form. But, I have been trying to now mak

need to apply an if/else statement to Tim Thumb script
Not sure how to work this. I essentially want to call a variety of image sizes based on which style

Check before inserting in DB ???
This is my code
---------------
if ( $_POST ['Submit'])
{{
$username = $_POST ['usernm

Why does my php page download images over and over
Can anybody please explain to me why my php page keeps downloading the images and other items every

Query output more than expected
$query=mysql_query("SELECT * FROM players, communities, divisions WHERE dob BETWEEN '{$start_da

Lack of simpleXML Documentation
What is up with this.

Look at: http://www.php.net/manual/en/function.simplexml-load-file.php<

Can php detect connection speed and thereafter swap out elements?
No code to post, lads, yet. Just looking for a yay or nay at this stage:

Can a php script be

array_map() probably obvious mistake
The code below is part of a class to escape strings, but should also accept an array, using array_ma

Procedural to OOP
ohn Kleijn said that to avoid writing "crappy code", we should learn OOP and common OO pri

printing links
Hi every1

i am connecting to a table in sql and the looping through with a while ($ var = my

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash