That was my question too. It looked like to use those injection attacks the user would have to have access similar to Query Analyzer. What is the best way to prevent this kind of injection attack? Are there ways to make sure the door closes before the injected SQL can get attached?
Robert W. Marda
SQL Programmer
bigdough.com
The world’s leading capital markets contact database and software platform.
Robert W. Marda
Billing and OSS Specialist - SQL Programmer
MCL Systems