How to prevent sql Injection

Outstanding Lioncatcher answered on April 12, 2021 Popularity 10/10 Helpfulness 2/10

answer How to prevent sql Injection

related how to prevent sql injection in java

related c# - What are good ways to prevent SQL injection?

related prevent sql injection commands C#

How to prevent sql Injection

Comment

// use prepared statement to prevent SQL injection
$preparedStatement = $dbConnection->prepare('SELECT * FROM animals WHERE name = ?');
$preparedStatement->bind_param('s', $name); 
$preparedStatement->execute();
$result = $preparedStatement->get_result();
while ($row = $result->fetch_assoc()) {
// Process $row
}

Popularity 10/10 Helpfulness 2/10 Language sql

Source: phppot.com

Tags: sql sql-injection

Link to this answer
Share Copy Link

Contributed on Jul 07 2021

Outstanding Lioncatcher

0 Answers Avg Quality 2/10

Closely Related Answers

how to prevent sql injection in java

Comment

// This should REALLY be validated too
String custname = request.getParameter("customerName");
// Perform input validation to detect attacks
String query = "SELECT account_balance FROM user_data WHERE user_name = ? ";
PreparedStatement pstmt = connection.prepareStatement( query );
pstmt.setString( 1, custname);
ResultSet results = pstmt.executeQuery( );

Popularity 10/10 Helpfulness 2/10 Language sql

Source: cheatsheetseries.owasp.org

Tags: java

Link to this answer
Share Copy Link

Contributed on Apr 12 2021

Puzzled Peafowl

0 Answers Avg Quality 2/10

c# - What are good ways to prevent SQL injection?

Comment

private static void UpdateDemographics(Int32 customerID,
    string demoXml, string connectionString)
{
    // Update the demographics for a store, which is stored  
    // in an xml column.  
    string commandText = "UPDATE Sales.Store SET Demographics = @demographics "
        + "WHERE CustomerID = @ID;";

    using (SqlConnection connection = new SqlConnection(connectionString))
    {
        SqlCommand command = new SqlCommand(commandText, connection);
        command.Parameters.Add("@ID", SqlDbType.Int);
        command.Parameters["@ID"].Value = customerID;

        // Use AddWithValue to assign Demographics. 
        // SQL Server will implicitly convert strings into XML.
        command.Parameters.AddWithValue("@demographics", demoXml);

        try
        {
            connection.Open();
            Int32 rowsAffected = command.ExecuteNonQuery();
            Console.WriteLine("RowsAffected: {0}", rowsAffected);
        }
        catch (Exception ex)
        {
            Console.WriteLine(ex.Message);
        }
    }
}

Popularity 10/10 Helpfulness 1/10 Language whatever

Source: sqlerrors.com

Tags: c# c

Link to this answer
Share Copy Link

Contributed on Aug 15 2022

e-mallz contact

0 Answers Avg Quality 2/10

prevent sql injection commands C#

Comment

string sql = "SELECT * FROM Customers WHERE CustomerId = @CustomerId";
SqlCommand command = new SqlCommand(sql);
command.Parameters.Add(new SqlParameter("@CustomerId", System.Data.SqlDbType.Int));
command.Parameters["@CustomerId"].Value = 1;

Popularity 8/10 Helpfulness 1/10 Language csharp

Source: cheatsheetseries.owasp.org

Tags: c# sql-injection sql-inject

Link to this answer
Share Copy Link

Contributed on Sep 18 2023

Ivan Londono

0 Answers Avg Quality 2/10

prevent sql injection commands C#

Comment

String query = "SELECT account_balance FROM user_data WHERE user_name = ?";
try {
   OleDbCommand command = new OleDbCommand(query, connection);
   command.Parameters.Add(new OleDbParameter("customerName", CustomerName Name.Text));
   OleDbDataReader reader = command.ExecuteReader();
   // …
} catch (OleDbException se) {
   // error handling
}

Popularity 8/10 Helpfulness 1/10 Language csharp

Source: Grepper

Tags: c# sql-injection sql

Link to this answer
Share Copy Link

Contributed on Sep 18 2023

Ivan Londono

0 Answers Avg Quality 2/10

How to prevent sql Injection

Contents

More Related Answers

How to prevent sql Injection

Closely Related Answers

how to prevent sql injection in java

c# - What are good ways to prevent SQL injection?

prevent sql injection commands C#

prevent sql injection commands C#

Grepper

Documentation

Social

Legal

Contact

Oops, You will need to install Grepper and log-in to perform this action.