October 20, 2010 at 7:26 am
Hi All,
I have a Task where i will be getting a file on dailybasis in that i have a column called "Notes"
before loading that file into our DB i have to check wether there are any SQL Scripts or HTML tags in that particular column called NOTES
so that it wont effect our DB like(SQLINJECTION),the column NOTES is of Datatype Varchar(5000),
FYI that column has text about the customer and Agent discussion in less than 5000 words
so can some one suugest me how to create an SSIS package or write a SQl query to Filter those HTML and SQL SCRIPTS in that particular Column.
Thanks in Advance
October 20, 2010 at 11:33 pm
Hi, can you provide some sample data
October 21, 2010 at 8:01 am
What do yo mean by filter? Do you want to not allow the insert if it contains anything that might be html or sql? Do you want to remove the offending sections? What have you tried so far?
Are you using parameterized inserts? As long as it isn't harmful to the system does it matter if there is nonsense in this field? I think you will find that trying to remove anything that might be html or sql is going to be very painful and slow.
_______________________________________________________________
Need help? Help us help you.
Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.
Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.
Cross Tabs and Pivots, Part 1 – Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply