in

SQL Server Blogs

Voices from the UK SQL Server Community
All Tags » Security » TSQL (RSS)

Browse by Tags

  • Avoid SQL Injection with Parameters

    The best way to avoid SQL Injection is with parameters. With parameters you can’t get SQL Injection. You only get SQL Injection where you are building a SQL statement by concatenating your parameter values in with your SQL statement. Annoyingly many TSQL statements don’t take parameters, CREATE DATABASE...
    Posted to Simons SQL Blog (Weblog) by simonsabin on Mon, Apr 5 2010
Page 1 of 1 (1 items)
Powered by Community Server (Commercial Edition), by Telligent Systems