Re: stop sql injection
From: Beeeeeves (beeeeeeeeev_at_ves)
Date: 06/20/04
- Next message: Beeeeeves: "Re: WARNING. A simple cut and paste of 8 records can distroy a SQL Server table"
- Previous message: Hari Prasad: "Re: Find References to Deleted Field"
- In reply to: Aaron: "stop sql injection"
- Next in thread: Joe Celko: "Re: stop sql injection"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 20 Jun 2004 11:25:27 +0100
deny users access to underlying tables, but just give them access to the
specific stored procedures that get data out of them in the way you want.
"Aaron" <kuya789@yahoo.com> wrote in message
news:uExBTKiVEHA.3512@TK2MSFTNGP12.phx.gbl...
> Is there a way to disable the use of -- and ; in a sql query? i think this
> would prevent sql injection attacks. I'm using sql server 2000
>
> Thanks,
> Aaron
>
>
- Next message: Beeeeeves: "Re: WARNING. A simple cut and paste of 8 records can distroy a SQL Server table"
- Previous message: Hari Prasad: "Re: Find References to Deleted Field"
- In reply to: Aaron: "stop sql injection"
- Next in thread: Joe Celko: "Re: stop sql injection"
- Messages sorted by: [ date ] [ thread ]
