Forum Replies Created

Viewing 9 posts - 1 through 9 (of 9 total)

  • RE: Updated SQL Injection

    AIM48 (3/24/2008)


    Why not add an option to SQL Server to disallow multiple SQL statements in one execution? (Basically get rid of the ; in ad hoc queries.) That would halt...

  • RE: Working With SqlParameter in .NET

    It should be noted that the “@” symbol is a syntax flag for parameters in the SQL CommandString, and is not part of the actual Parameter Name. The .Add methods...

  • RE: Working With SqlParameter in .NET

    Anna (11/9/2007)


    One other thing to note, Parameters.Add() has been deprecated in 2.0 and replaced with Parameters.AddWithValue();

    http://weblogs.asp.net/JackieG/archive/2005/03/22/395517.aspx

    Not quite true. The specific overload of Parameters.Add(paramName As String, value As Object)...

  • RE: Updated SQL Injection

       Even with parameterized queries, new SQL Injection techniques can still work. My point, however, was that in general one should never rely on client-side validation alone. This includes even...

  • RE: Updated SQL Injection

       Oooooo-kaaay! I had just written up a long reply here with lots of important information, and went to HTML view to edit some of the generated code (did you...

  • RE: Management Studio with SQL Server 2000

    I think you can still use isql or osql for quick queries. If you have Office Pro or Developer, you can use Access (preferably 2003) Projects (.adp files, not .mdb)...

  • RE: Management Studio with SQL Server 2000

    How does one manipulate user permissions for SQL2000 in SSMS? In EM, I could right-click on an object and edit what the groups could do, or right-click on a group...

  • RE: Who Has The Monitor?

    Read it again: I didn’t ask you to guess the sequence (which is easy enough). I asked you to use SQL to come up with a solution to it —...

  • RE: Who Has The Monitor?

    “indigenous”?

    You keep using that word. I do not think it means what you think it means.

    Okay, let’s see you SQL gurus use...
