If I understand correctly then something like this could work:

In the SELECT list you need to display TaxID or MemberID but not both. Try this:

'ID' =

CASE

WHEN et.EntityTypeID = 1...

The only alternative that comes to my mind is to update all the rows that got missed and then replication will replicate them. Of course if there are too...

I meant to say and then execute that script on the production server.

Robert W. Marda

SQL Programmer

bigdough.com

The world’s leading capital markets contact database and software platform.

I believe the best way is to simply script the job and then execute that job on the production server. I don't know of any other way to move...

Yes, you can if you think it is worth the effort. You will have to use some Active X scripts but not neccessarily Active X script tasks. I...

Thanks for your comments. Please allow me to explain the reason I wrote the article the way I did:

The examples I used for the BirthDate constraint are based on...

That was my question too. It looked like to use those injection attacks the user would have to have access similar to Query Analyzer. What is the best...

I don't know that Microsoft has explained why you can only nest to nest level 32. I suspect they wanted to set some limit otherwise you could just have...

johncyriac:

Nice. I added a line to see to what level nesting it did:

create proc nest_sp_dec

@kount int

as

begin

select @kount

select @kount=@kount-1

SELECT @@NESTLEVEL AS NESTLEVEL

if @kount >0

exec nest_sp_dec @kount

end

and executed it...

Frank:

I found an article at the first link you mentioned called Manipulating Microsoft SQL Server Using SQL Injection. It focuses on using OPENROWSET and OPENDATASOURCE to execute unauthorized code...

jeaux:

With so small of queries in each SP there is no advantage I know of to use what I showed in my article over what you just posted.

The advantage comes...

I knew about the second link, however it seems to be only discussing ways to get a password for a user account. Once you have a password for an...

Frank (A.K.A. a5xo3z1):

The major danger I am aware of from sql injection attacks via data entered by a user and used in a stored procedure is when you dynamically build...

ianyates:

Good point. Placing the code that forces recompilation in its own SP should reduce the time spent to recompile.

Robert W. Marda

SQL Programmer

bigdough.com

The world’s leading capital markets contact database and...

David.Poole:

Can you provide me an example of what you want to do with INSERT/EXEC but can't with nesting stored procedures?

We don't often use INSERT/EXEC and so the focus of my...