Forum Replies Created

Viewing 5 posts - 1 through 5 (of 5 total)

  • RE: How to identify that Dynamic Sql fail?

    Sql injection will not take place with this code.I already tried.

    declare @Inserttbl nvarchar(4000)

    declare @TableName varchar(50)

    declare @PId varchar(5)

    declare @Text varchar(50)

    declare @status varchar(5)

    set @TableName ='sample'

    set @Text = 'Helping hand;Delete table...

    December 12, 2016 at 9:37 pm

    #1917503

  • RE: How to identify that Dynamic Sql fail?

    I already done insertion through parameter only...

    December 12, 2016 at 5:31 am

    #1917346

  • RE: How to identify that Dynamic Sql fail?

    Actually I have done like this.Let me still sql injection take place?

    declare @Inserttbl nvarchar(4000)

    declare @TableName varchar(50)

    declare @PId int

    declare @Text varchar(50)

    declare @count int

    declare @status int

    set @TableName ='sample'

    set @Text =...

    December 12, 2016 at 5:12 am

    #1917342

  • RE: How to identify that Dynamic Sql fail?

    Thanks @joeroshan for ur help.I have done like this.Here I just printed msg but in reality I will do insert.

    declare @Inserttbl nvarchar(4000)

    declare @TableName varchar(50)

    declare @Text varchar(50)=null

    declare @count int

    set...

    December 12, 2016 at 4:10 am

    #1917334

  • RE: How to identify that Dynamic Sql fail?

    Thanks for reply.U mean to say like this

    declare @Inserttbl nvarchar(4000)

    declare @TableName varchar(50)

    declare @Text varchar(50)=null

    declare @count int

    set @TableName...

    December 12, 2016 at 3:48 am

    #1917330

Viewing 5 posts - 1 through 5 (of 5 total)