enriquezreyjoseph (9/27/2013)
Can I used this instead of sp_executesql i will use EXEC only??...cadavare
I'm not sure how many times I have to say "SQL Injection" to you. . . yes you can do what you're saying if you want to be vulnerable to SQL injection which will allow a malicious user to do a lot to your server.