Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);
No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

reating a background image
I am building a site in drupal and have a php form in it, due to certain annoyances with module buil

need help with this contact form
I made this form and I need it to read the data and write the data to a table and its not working ca

Beginners syntax and loop questions - help please!
Hi everyone,

I have some problems with php code. I'm currently in the middle of learning php,

Typing math
I've added support for typesetting math using LaTeX on the forums.

Example:
Code: [Select]

dropdown menu
Hello everbody,

I am php newbie.
I need to develop a program that once click the drop do

Query output more than expected
$query=mysql_query("SELECT * FROM players, communities, divisions WHERE dob BETWEEN '{$start_da

mysql_real_escape_string making variable equal nothing
i post a form and i post the variable:
Code: $var = $_POST[variable];then i echo $var its what i

C - Reading a file into a byte array
Hi,

I'm trying to read a file into a byte array in C. I have to use C as this is for a loadru

md5 is it unique
I know this is most likely one of many simple questions that can be found semi easily. But I'm press

Impact of movement type 412 E on MAP
Hi

Usage of movement type 412 E is causing huge change in MAP .

Is there any r

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash