student'coe
mysql_
using (var connection = new MySqlConnection("...")) using (var command = new MySqlCommand("INSERT INTO YourTable (Column) VALUES (@Column)")) { command.Parameters.AddWithValue("@Column", "student'coe"); connection.Open(); command.ExecuteNonQuery(); }
mysql_real_escape_string
public void ExecuteNonQuery(string commandText, CommandType commandType, params MySqlParameter[] parameters){ using (var connection = CreateConnection()) using (var command = connection.CreateCommand()) { command.CommandText = commandText; command.CommandType = commandType; if (parameters != null) { command.Parameters.AddRange(parameters); } connection.Open(); command.ExecuteNonQuery(); }}...yourClass.ExecuteNonQuery("INSERT INTO YourTable (YourColumn) VALUES (@YourColumn)", new MySqlParameter("@YourColumn", "student'coe"));
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)