Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.databases.ms-sqlserver > #909

Re: Going into DB war zone. Need help !

From "Andrew Morton" <akm@in-press.co.uk.invalid>
Newsgroups comp.databases.ms-sqlserver
Subject Re: Going into DB war zone. Need help !
Date 2012-01-23 09:18 +0000
Message-ID <9o4n73FavoU1@mid.individual.net> (permalink)
References <18aa3cd5-28c9-4676-ae57-3c1cb84814d3@t2g2000yqk.googlegroups.com> <jfckh3$jbh$1@dont-email.me>

Show all headers | View raw

Bob Barrows wrote:
> Avoiding dynamic sql is a better goal, especially if writing web-based
> applications (sql injection is enabled by the use of dynamic sql).

That isn't exactly accurate: you can use parameters in SQL generated at 
run-time by the application.

-- 
Andrew

Back to comp.databases.ms-sqlserver | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

Going into DB war zone. Need help ! vaib <vaibhavpanghal@gmail.com> - 2012-01-20 12:36 -0800
  Re: Going into DB war zone. Need help ! "Bob Barrows" <reb01501@NOSPAMyahoo.com> - 2012-01-20 15:58 -0500
    Re: Going into DB war zone. Need help ! vaib <vaibhavpanghal@gmail.com> - 2012-01-21 06:25 -0800
    Re: Going into DB war zone. Need help ! "Andrew Morton" <akm@in-press.co.uk.invalid> - 2012-01-23 09:18 +0000
  Re: Going into DB war zone. Need help ! Erland Sommarskog <esquel@sommarskog.se> - 2012-01-20 23:32 +0100
    Re: Going into DB war zone. Need help ! vaib <vaibhavpanghal@gmail.com> - 2012-01-21 06:22 -0800
      Re: Going into DB war zone. Need help ! Erland Sommarskog <esquel@sommarskog.se> - 2012-01-21 17:42 +0100
        Re: Going into DB war zone. Need help ! vaib <vaibhavpanghal@gmail.com> - 2012-01-22 01:57 -0800

csiph-web