Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
Is there any equivalent of indirection (macro) in T-SQL?
Message
De
31/01/2007 15:02:42
Alex Feldstein
Floride, États-Unis
 
 
À
31/01/2007 14:59:09
Mike Yearwood
Toronto, Ontario, Canada
Information générale
Forum:
Microsoft SQL Server
Catégorie:
Syntaxe SQL
Titre:
Re: Is there any equivalent of indirection (macro) in T-SQL?
Versions des environnements
SQL Server:
SQL Server 2000
Divers
Thread ID:
01191074
Message ID:
01191097
Vues:
11
>You can create the SQL in a stored procedure like that, but since you're going to call sp_ExecuteSQL you still have to watch out for SQL Injection attacks. I just finished an article for FPA on the proper way to prevent them. Keep an eye out for it.


Good point. Had thought of that but in this case there is very low risk as it is in an Intranet and this particular function is only used by Admins to create some info for users to see.


Alex Feldstein, MCP, Microsoft MVP
VFP Tips: English - Spanish
Website - Blog - Photo Gallery


"Once again, we come to the Holiday Season, a deeply religious time that each of us observes, in his own way, by going to the mall of his choice." -- Dave Barry
Précédent
Suivant
Répondre
Fil
Voir

Click here to load this message in the networking platform