Sign In
Sean Ferguson
Software Design EngineerExchange Hosted Services Archive
Translate This Page
Translate this page
Powered by
Microsoft® Translator
Options
Email Blog Author
RSS for posts
Atom
RSS for comments
OK
Search
Advanced search options...
Search In:
Everything
Blogs
Forums
People
Groups
Places
Pages
Date range:
All Time
Last Year
Last 6 Months
Last 3 Months
Last Month
Last Week
Last Two Days
Tags
SQL Index Size Blog
SQL Server
Archive
Archives
February 2009
(1)
October 2008
(1)
September 2008
(1)
August 2008
(1)
July 2008
(1)
June 2008
(1)
May 2008
(1)
April 2008
(1)
March 2008
(1)
September 2007
(1)
October, 2008
MSDN Blogs
>
Sean Ferguson
>
October, 2008
Posts
Subscribe via RSS
Sort by:
Most Recent
|
Most Views
|
Most Comments
Excerpt View
|
Full Post View
Sean Ferguson
Preventing SQL Injection with Parameters: Caveats
Posted
over 4 years ago
by
sferg
1
Comments
I learned something interesting about SQL parameters today. In my C# code I was passing a comma separated string as a parameter to a stored procedure using SqlParameter, but it was allowing ' through unchecked causing havoc in the stored procedure. It...
Page 1 of 1 (1 items)