Does RS check for SQL injection

Last Post 05 May 2008 11:02 PM by SQLUSA. 0 Replies.
AddThis - Bookmarking and Sharing Button Printer Friendly
  •  
  •  
  •  
  •  
  •  
Sort:
PrevPrev NextNext
You are not authorized to post a reply.
Author Messages
SQLUSA
New Member
New Member

--
05 May 2008 11:02 PM
Since you are concerned about this, you should be using

dynamic stored procedure .

In the stored proc you can check the parms prior to assembling the dynamic SQL.

Also, frequently you can use CASE function instead of dynamic SQL.

Kalman Toth - Database, Data Warehouse & Business Intelligence Architect
SQL Server 2005 Training, SSAS, SSIS, SSRS: http://www.sqlusa.com/
You are not authorized to post a reply.

Acceptable Use Policy