Preventing SQL Injection


Posted on 16th Feb 2014 07:03 pm by admin

I have a question about SQL Injection, In some of our code we use this: view plaincopy to clipboardprint?Replace(inString, "'", "''") Replace(inString, "'", "''") does this prevent all forms of SQL Injection? Also what exactly does parameterized statements do?view plaincopy to clipboardprint?myCommand.Parameters.AddWithValue("@username", user); myCommand.Parameters.AddWithValue("@password", pass);

No comments posted yet

Your Answer:

Login to answer
202 Like 50 Dislike
Previous forums Next forums
Other forums

Changes to hosting company's server has affected web contact form
I started a thread a couple of months ago about the contact forms on my client's website. Basically

my code does not work.
I have a code problem.

Quote"<a href=index.php?gogo=ureticidetay&'?l={$le

Extracting Long text from message class with parameters
Hi,

I would like to extract the long text from a message class. However, the long text ha

Ajax Error since Upgrading to 3.5
Ever since upgrading my site to .NET 3.5 (I needed LINQ), I've been getting this annoying error on o

Help with syntax
Hi all!

The $bridge variable is not getting passed while it is contained in the line below:

"SEO" URLs
Hey, I'm wondering how to go about creating and using these types of URLs. I'm presuming it's PHP th

Connection Timeout
I'm using xmii 12.0

I'm calling a transaction as a web service from a windows application

string to currency format
Hi guys...

Actually I chunk out some data from txtfile and one of the data contains amount va

PHP header help!
Hi all I am trying to get this php page to refresh every 5 seconds on my phone which is an aastra 48

Inserting Data into a MS Access DB using PHP.
As part of my uni course I am doing a placement at a company whom want me to create a client zone fo

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash