August 19, 2018 at 11:28 pm
Comments posted to this topic are about the item Using QUOTENAME()
August 20, 2018 at 12:48 am
Nice question to start the week on, thanks Steve
____________________________________________
Space, the final frontier? not any more...
All limits henceforth are self-imposed.
โlibera tute vulgaris exโ
August 20, 2018 at 1:33 am
Two points on the quotename function, the second parameter is the optional quote character and the function implicitly converts any input into nvarchar(258), except the XML data type.
๐
August 20, 2018 at 5:47 am
nice question steve
ta
---------------------------------------------------------------------------------------
The more you know, the more you know that you dont know
August 20, 2018 at 8:20 am
I only got this because Ken Fisher talked about at the North Texas SQL User group last Thursday ๐
------------------------------------------------------------------------------------------------Standing in the gap between Consultant and ContractorKevin3NFDallasDBAs.com/BlogWhy is my SQL Log File HUGE?!?![/url]The future of the DBA role...[/url]SQL Security Model in Plain English[/url]
August 20, 2018 at 11:31 am
One other important point (and, to me, the best reason to use QUOTENAME), is the built-in escaping of certain characters, which helps to prevent SQL Injection attacks in certain scenarios.
SELECT QUOTENAME('[]"''');
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply