Code has been added to clipboard!

How to Prevent SQL Injection

Example
txt_user_id = getRequestString("user_id");
txt_sql = "SELECT *  FROM users WHERE user_id = " + txt_user_id;