
All Questions

12 votes
1 answer
317 views

Safe dynamic SQL for generic search

Prompted by discussion about SQL injection, I wanted to put a proof of concept forward to get feedback about whether this is in fact safe and protected against SQL injection or other malicious use. ...
this • 2,039
3 votes
1 answer
172 views

Stored procedure to query custom data tables as dynamic SQL

There's a lot going on here, but the background for why this is necessary is that there is a set schema, or 'core' set of tables that are prefixed with 'bu', and any core table can have a custom table ...
Noel • 131
5 votes
1 answer
166 views

Updating an item's status in MS SQL Server using ODBC

Is the following query vulnerable in terms of $itemstatus? I want to be sure about it. $yesorno is a user input which is ...
Monk25 • 51
34 votes
5 answers
17k views

Creating ADODB Parameters on the fly

I have put together a small wrapper class to simplify creating parameterized ADODB queries with VB6/VBA. At this point I'm keeping things simple, so it's only supporting input parameters and from what ...
Mathieu Guindon