Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase ««12

Inserting into table with Powershell Expand / Collapse
Author
Message
Posted Thursday, December 6, 2012 8:43 AM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Yesterday @ 6:11 AM
Points: 7,010, Visits: 8,461
Del Lee (12/6/2012)
Gotcha on the date formatting. I've implemented that, thanks.

Not sure why we are concerned about SQL Injection on this, though. I'm doing a straight INSERT. Care to elaborate?


I just always try to avoid any issues SQL Injection related.
Mainly to avoid copy/paste behaviour issues in the spirit of "That's how our DBA did it, so it must be OK"


Johan


Don't drive faster than your guardian angel can fly ...
but keeping both feet on the ground won't get you anywhere

- How to post Performance Problems
- How to post data/code to get the best help


- How to prevent a sore throat after hours of presenting ppt ?


"press F1 for solution", "press shift+F1 for urgent solution"


Need a bit of Powershell? How about this

Who am I ? Sometimes this is me but most of the time this is me
Post #1393569
Posted Thursday, December 6, 2012 8:48 AM
SSC Veteran

SSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC Veteran

Group: General Forum Members
Last Login: Thursday, August 28, 2014 7:35 AM
Points: 239, Visits: 369
I just always try to avoid any issues SQL Injection related.
Mainly to avoid copy/paste behaviour issues in the spirit of "That's how our DBA did it, so it must be OK"


I'm certainly interested in preventing SQL Injection, but I'm not really following how there is a danger of SQL Injection from doing a straight INSERT from within a powershell script.




Del Lee
Post #1393574
Posted Thursday, December 6, 2012 9:39 AM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Yesterday @ 6:11 AM
Points: 7,010, Visits: 8,461
Guess what was the first script my win-admin produced using powershell: A nice GUI

A wpf window requesting user input.

Just like I did, he started off with "copy/paste"-ing scripts to assemble the stuff he needed.

That's one of the reasons I try to keep SQL Injection on top of my focus when producing scripts.



Johan


Don't drive faster than your guardian angel can fly ...
but keeping both feet on the ground won't get you anywhere

- How to post Performance Problems
- How to post data/code to get the best help


- How to prevent a sore throat after hours of presenting ppt ?


"press F1 for solution", "press shift+F1 for urgent solution"


Need a bit of Powershell? How about this

Who am I ? Sometimes this is me but most of the time this is me
Post #1393613
Posted Thursday, December 6, 2012 10:09 AM
SSC Veteran

SSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC Veteran

Group: General Forum Members
Last Login: Thursday, August 28, 2014 7:35 AM
Points: 239, Visits: 369
Ah, I see. You had a user input screen that ulimately called a powershell script. I'm with ya now.



Del Lee
Post #1393634
« Prev Topic | Next Topic »

Add to briefcase ««12

Permissions Expand / Collapse