Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

IDOC error
Hi, When i send IDOC from ECC system to MII there is no problem ECC side, i says message sent succe

Am I setting up my sites oldschool?
Ok,

When I create a site I open a basic template that I have created that consists of a css f

Calling a Procedure with IN & OUT Parameters
Hello,

I usually call my procedures using the following way

declare variable e

Splitting Attributes
SQL> SELECT I_NAME, substr(I_NAME,1,instr(I_NAME,'O')) "First part",

substr(I_NAME, IN

Reading Most Recent CSV File in Directory
I thought I had wrapped this project up, but found out that the program I use to FTP a csv file to m

How do I get the row number from from an sql table query
Hi all

I have a table that I query and it returns a number of rows.
mysql_num_rows($query)

generating all possible random letters
hi'

how can i randomize the letters a,b,c,d,e all possible ways, and i want to print the res

parse error
Parse error: syntax error, unexpected '[', expecting ')' in /Users/admin/Sites/phptest/array.php on

Stopped working!
So I had to change some stuff, none of it major. Stuff like the extension_dir and such. BEFORE I did

Javascript using window.location seems to lose state
Not sure what forum so let me know if I'm in the wrong place. I have a main window with a ajax grid

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash