Home Forums SQL Server 2012 SQL Server 2012 - T-SQL Need assistance with making a sproc SQL Injection proof RE: Need assistance with making a sproc SQL Injection proof
Eirikur Eiriksson
SSC Guru
Points: 182882
More actions
April 21, 2014 at 12:28 pm
#1707539
Quite some room for improvements, start by moving the parameters to the sp_executesql params and validating the inputs.
😎