Busy at the moment, but throwing out this quick question: if you're
using named parameters like below, can you get burnt?
INSERT INTO Users (FirstName, LastName, UserID) VALUES (?pcFirstName,
?pcLastName, ?pcUserID)
tia,
--Mike
On 2015-05-28 11:58, Stephen Russell wrote:
If you have VFP in front of an RDBMS this may be of interest to you.
This
article is for SQL Server but the same threats are against other
vendors as
well
http://www.mssqltips.com/sqlservertip/3637/protecting-yourself-from-sql-injection-in-sql-server--part-1
So how good is your backup and restore plan anyway?
--
Stephen Russell
Sr. Analyst
Ring Container Technology
Oakland TN
901.246-0159 cell
--- StripMime Report -- processed MIME parts ---
multipart/alternative
text/plain (text body -- kept)
text/html
---
[excessive quoting removed by server]
_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox
OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message:
http://leafe.com/archives/byMID/profox/[email protected]
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.
