Dynamic SQL Is Not Inline SQL

Posted by: youve been HAACKED, on 02 Nov 2005

Perhaps there is a better term I could have used when I referred to dynamic SQL in my last post. In my defense, I did mention using prepared statements. The key point to keep in mind while reading the last post is that dynamic SQL does not necessarily imply inline SQL. By inline SQL, I mean concatenated SQL statements flung all over the code like a first-year classic ASP developer. Like any good security-minded developer, I detest inline SQL (as I define it here). A much better and safer approach...
