pietlinden (9/23/2013)
Young Jedi,Read these:
http://www.sqlservercentral.com/articles/Security/sqlinjection/1269/
http://www.sqlservercentral.com/articles/Editorial/77168/
http://www.sqlservercentral.com/articles/sql+injection/65129/
I would consider dynamic SQL as an absolute last resort. Not a tool to be used by ex-Access programmers (I am one!) that have moved on to SQL Server. If the articles above don't scare you, ask your boss what would happen if you let someone run something like that...
thanks piet 🙂
But what is the meaning of "Young Jedi"? hehe