Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Re^4: Preventing malicious T-SQL injection attacks

by Win (Novice)
on Mar 05, 2007 at 15:34 UTC ( #603231=note: print w/replies, xml ) Need Help??


in reply to Re^3: Preventing malicious T-SQL injection attacks
in thread Preventing malicious T-SQL injection attacks

Can I also question the need to specify the number of variables that each SPROC can take. Because a SPROC won't allow an execution if an incorrect number of variables is specified.
  • Comment on Re^4: Preventing malicious T-SQL injection attacks

Replies are listed 'Best First'.
Re^5: Preventing malicious T-SQL injection attacks
by davorg (Chancellor) on Mar 05, 2007 at 16:05 UTC

    You can question whatever you want. It's your code, after all.

    But you need to know the number of parameters in order to create an SQL string with the correct number of placeholders. So DBI checks the number of parameters for you for free.

    You get an extra layer of defensive programming for no cost. I can't see any reason why you wouldn't want to make use of it.

      A reply falls below the community's threshold of quality. You may see it by logging in.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://603231]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (4)
As of 2018-09-23 22:13 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Eventually, "covfefe" will come to mean:













    Results (191 votes). Check out past polls.

    Notices?
    • (Sep 10, 2018 at 22:53 UTC) Welcome new users!