Your original problem didn't have to do with not using prepared statements, though. Just bad model design.

DELETE FROM `table` WHERE `ID`='$id' && `user_ID`='$uid'

Skydiver, on 29 August 2012 - 01:42 PM, said:

Thanks for the tips. I was using the IgnoreCase option when I had the Regex and Match split into two parts before I discovered MatchCollections and put them together on the same line. I thought that maybe it'd give me issues and I was at the point of just finding the minimum viable solution to put me on the right path.

I was also wondering why the escaping in a string had to be doubled up, but now I know it's not taken as verbatim literal until the @ is applied. Valuable information.

I'm also doing some reading up on my regular expressions (I can't count how many times I've been through this)... because that .* wild card isn't very secure at all.

I've been fighting this for a while and have finally found a plausible solution. I wanted to share it so that if anyone searches for the same they'll have somewhere to start.

I know there are many flaws with my REGEX, however it gets the job done right now. A big thing I want to point out that had me hung up for a long time is MatchCollection. I was just using Match and was looking for a problem in my regex for not matching recursively, and MatchCollection is what did the trick.

        public List<string> listStyleImages()
        {
            List<string> lstStyleImages = new List<string>();

            string theHTML = this.strHTML.ToLower();

            string re2 = "url\\(\\'?(.*[^\\'])\\'?\\)";

            MatchCollection matches = Regex.Matches(theHTML, re2);

            foreach (Match match in matches)
            {
                lstStyleImages.Add(match.Groups[1].Value);
            }
            

            return lstStyleImages;
        }

I am very open to suggestions on improving this tidbit.

I got a notification of a reply, where'd it go!?

Are you using WPF or Windows Forms?