Sp_executesql and sql injection

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

Sp_executesql and sql injection

Message

From

26/05/2011 11:10:37

William Kuhn
The Kuhn Group, Inc.
St Marys, Kansas, United States

26/05/2011 11:08:49

Mike Yearwood
Toronto, Ontario, Canada

General information

Forum:

Microsoft SQL Server

Category:

Stored procedures, Triggers, UDFs

Title:

Re: Sp_executesql and sql injection

Environment versions

SQL Server:

SQL Server 2008

Application:

Web

Miscellaneous

Thread ID:

01510894

Message ID:

01511836

Views:

>>I don't see a need to pull up a dirty accusation. My original reply was clear enough and I do know difference between passing parameters and embedding them into a string.
>>
>>So please stop answering me with this nonsense.
>
>I wasn't talking to you in the first place. I don't associate with proven criminals, despite what the liberals feel.

Not just liberals.

Mike - you are way over the line.

____________________________________

Don't Tread on Me

Overthrow the federal government NOW!
____________________________________

Map

View

Click here to load this message in the networking platform