Does RS check for SQL injection

Last Post 05 May 2008 10:02 PM by SQLUSA. 0 Replies.
AddThis - Bookmarking and Sharing Button
Author Messages
SQLUSA
New Member
New Member

--
05 May 2008 10:02 PM
Since you are concerned about this, you should be using

dynamic stored procedure .

In the stored proc you can check the parms prior to assembling the dynamic SQL.

Also, frequently you can use CASE function instead of dynamic SQL.

Kalman Toth - Database, Data Warehouse & Business Intelligence Architect
SQL Server 2005 Training, SSAS, SSIS, SSRS: http://www.sqlusa.com/


Acceptable Use Policy
---