Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection. In some of our code we use this:

    Replace(inString, "'", "''")

Does this prevent all forms of SQL Injection? Also, what exactly do parameterized statements do?

    myCommand.Parameters.AddWithValue("@username", user);
    myCommand.Parameters.AddWithValue("@password", pass);