Vote UpVote

SQL Injection - Stored Procedures

Rob's Technology Corner – Security needs to be multiple levels deep. At one point in time several years ago there was a trend to have all websites code use stored procedures. I heard developers say it prevented SQL Injection.If the database you use allows you to build SQL statements with a string dynamically at run time in a stored procedure then you can have SQL injection in a Stored Procedure.   Each Database slightly different syntax and guidelines:Oracle  (See Page 12)PostgesSQL SQL ServerIn short: If your doing dynamic SQL inside your Stored Procedures you will have validate the input otherwise ...
Favorite? Off-Topic? Robert Love @ 2016-04-19 18:05


Visits: 1147
Votes: 4
Favorites: 1
Off-Topic: 0

Visits by Source

User Actions

Users who voted for this posting

Alister Christie
Ph. B.
Radosław Kokoć
Contact us to advertise on DelphiFeeds.com

Community Links

Torry Firebird News


Please login or register to use this functionality.
(click on this box to dismiss)