Preventing SQL Injection

Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

Your Answer:

Login to answer

Other forums

data type in column definition
Hi,
I create a table with column called "Direction of Travel code ".
The travel codes in t

PHP, jAVASCRIPT setting input values, why isn't it working?
Hi:

I am calling this javascript:
<script language="javascript">

Echoing If Function?
A script I am using has If statements in the comments form to basically tell the form what to do. Cu

EXplanation help
Hey all,

I am still fairly new to PHP programming and I am trying to put together a page wher

php ajax - two drop down list with a submit button
i have created a form with 2 drop-down list and a submit button. I would like to know how to pass th

I need to increse 6hours more, and i don't know how???
I need to increse 6hours more, and i don't know how???
<tr>
<t

Format timestamp from mysql
When I tried this:
Code: date("m/d/Y H:i A", $row['timestamp'])
I got 12/31/1969 18:

Taylor Series Function
So I am working a a project for my intro C++ class, and I am having some trouble with a function for

Mail Form receiving emails with no content
Hi, I hope someone here can help me.
I have a simple form in my website, it was working OK, after

calendar dates and hours compare problem
i have a calendar in wordpress, everything works great except that i can make 2 meetings at the same