Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

Weekly Calendar
Hi, I am looking at creating a weekly calendar. The calendar will read from Monday - Sunday. Does an

private constructor
Hello,

Can we create a constructor as private? If yes, what is the use of it? If no, why can'

Parse Error with doctype
I'm getting a parse error with this simple code. I don't get it. It worked one time then when I relo

Blank record injected into database
I always found several blank records inside my database, although $SESSION is required to insert the

Deleting Partners on the Customer Master.
Does SAP handle removing the Partner from Open Sales Orders when a Partner is deleted in the Custome

PHP FTP connect doesn't work with correct login
Hi!

i am working on this test code:
Quote<?php

$ftp_ser

Change of partner analyse in sales orders
Hello,

I changed the partner analyse for sales orders and added a new mandatory partnerro

Request for tunning the below query
Hi,

Can any one help me on the below query while improving the performance,

Warning: mysql_num_rows() supplied argument is not a valid MySQL result resource
This may be simple I just may need another pair of eyes..

When i get records back the below c

Concatenate two strings ???
I have string one $string1 and another $string2.

How to concatenate (add) both of them $str

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash