Re: Hacking dynamic sql -- MIDRANGE-L

Subject: Re: Hacking dynamic sql
From: Pete Helgren <Pete@xxxxxxxxxx>
Date: Wed, 05 Oct 2005 09:41:12 -0600
List-archive: <http://archive.midrange.com/midrange-l>
List-help: <mailto:midrange-l-request@midrange.com?subject=help>
List-id: Midrange Systems Technical Discussion <midrange-l.midrange.com>
List-post: <mailto:midrange-l@midrange.com>
List-subscribe: <http://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=subscribe>
List-unsubscribe: <http://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=unsubscribe>

Interesting, but in some ways a stretch. If you are careful aboutediting, the use of parameter markers, and, in the web world, the use ofexposed parameters, you wouldn't normally encounter this opportunity forhacking.

Worth reviewing your code for though.

First time I had ever seen the word "copacetic" used in print.  Cool!

Pete Helgren

rob@xxxxxxxxx wrote:

Interesting article on hacking dynamic sql.
http://www.itjungle.com/fhg/fhg100505-story02.html

Rob Berendt

As an Amazon Associate we earn from qualifying purchases.

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.