Re: MS Access db as backend
- From: "Bob Barrows [MVP]" <reb01501@xxxxxxxxxxxxxxx>
- Date: Thu, 13 Sep 2007 19:53:40 -0400
Absolutely. Not a bit of dynamic sql in sight! :-)
(they use parameters - no concatenation to create sql statements)
zz12 wrote:
Are both link samples good enough to use in preventing sql injection?
Thanks for your speedy reply Bob. Much appreciated.
"Bob Barrows [MVP]" <reb01501@xxxxxxxxxxxxxxx> wrote in message
news:%23ByCBvl9HHA.5948@xxxxxxxxxxxxxxxxxxxxxxx
zz12 wrote:
Hello. Could anyone post or point me to somewhere that has a sample
model of a best practice for using .asp page to insert, select,
delete, update to an MS Access database? Stored Procedures I know
are the way to go for SQL Server but I heard parameterized Access
queries (saved Access queries or sql sommand code) were the
equivalent and if so what does the code look like?
Thanks in advance.
There's not much to it:
http://www.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=e6lLVvOcDHA.1204%40TK2MSFTNGP12.phx.gbl
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&c2coff=1&selm=eHYxOyvaDHA.4020%40tk2msftngp13.phx.gbl
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so
I don't check it very often. If you must reply off-line, then remove
the "NO SPAM"
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"
.
- Follow-Ups:
- Re: MS Access db as backend
- From: zz12
- Re: MS Access db as backend
- References:
- MS Access db as backend
- From: zz12
- Re: MS Access db as backend
- From: Bob Barrows [MVP]
- Re: MS Access db as backend
- From: zz12
- MS Access db as backend
- Prev by Date: Re: MS Access db as backend
- Next by Date: Re: MS Access db as backend
- Previous by thread: Re: MS Access db as backend
- Next by thread: Re: MS Access db as backend
- Index(es):
Relevant Pages
|
|
