May 27, 2026 at 12:00 am
Comments posted to this topic are about the item QUOTENAME Behavior
May 27, 2026 at 6:50 am
Classic XSS "<asdasd>"!
May 27, 2026 at 7:05 am
Is one of the answers supposed to be blank?
How to post a question to get the most help http://www.sqlservercentral.com/articles/Best+Practices/61537
May 27, 2026 at 7:44 am
DECLARE @s-2 VARCHAR(20) = 'Steve Jones'
SELECT QUOTENAME(@s, '>') as 'a',
QUOTENAME(@s, '<') as 'b',
QUOTENAME(@s, '><') as 'c',
@@VERSION as ver
FOR XML PATH(''), TYPE
-->>
<b><Steve Jones></b>
<c><Steve Jones></c>
<ver>Microsoft SQL Server 2025 (RTM-GDR) (KB5091223) - 17.0.1115.1 (X64)
Apr 19 2026 01:00:58
Copyright (C) 2025 Microsoft Corporation
Enterprise Developer Edition (64-bit) on Windows 10 Pro 10.0 <X64> (Build 26200: ) (Hypervisor)
</ver>
May 27, 2026 at 1:18 pm
HTML didn't like the correct answer: <Steve Jones>
LinkedIn: https://www.linkedin.com/in/sqlrv
Website: https://www.sqlrv.com
June 2, 2026 at 1:33 pm
<Steve Jones>Steve Jones</Steve Jones>
June 2, 2026 at 2:49 pm
Lol, apologies everyone. I'll award back points. Apparently my HTML box doesn't escape out HTML characters automatically. I've changed to the & lt ; character instead
Viewing 8 posts - 1 through 8 (of 8 total)
You must be logged in to reply to this topic. Login to reply