Home Forums SQL Server 2008 SQL Server Newbies Is this Vulnerable for SQL injection?.. RE: Is this Vulnerable for SQL injection?..

  • September 26, 2013 at 12:57 am

    #1653422

    AndrewSQLDBA (9/26/2013)

    YES!

    Anything that is Dynamic can be. Plus as everyone else has said, it is very poor practice. And poor performing.

    I wish that it were illegal for a front-end programmer to even open SQL Server. It isn't illegal for one to perform surgery on themselves. Why don't you try that next time you are ill?

    And you wonder why so many SQL DBAs are not being paid nearly enough, while having to deal with crap code that makes a SQL Server come to a crawl. And also given code like this to try and troubleshoot or change, all because the front-end programmer was fired.

    Andrew SQLDBA

    HAHAHAH..thanks andrew..

    can you "Re-Code" the above Code??...so that it will not be prone to sql injection...thanks andrew..