Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Preventing Injection attacks
Message
From
22/08/2008 17:41:04
Craig Berntson
Quicken Loans
Salt Lake City, Utah, United States
 
General information
Forum:
Microsoft SQL Server
Category:
Other
Title:
Re: Preventing Injection attacks
Environment versions
SQL Server:
SQL Server 2005
Miscellaneous
Thread ID:
01341172
Message ID:
01341260
Views:
12
So, you limit the data they can put into that field. I also didn't say an SP was your only defense, only the first line of defense.

>If a user typed < script > in the field using stored procedures would not help.
>
Craig Berntson
MCSD, Microsoft .Net MVP, Grape City Community Influencer
Previous
Reply
Map
View

Click here to load this message in the networking platform