In order to
prevent SQL
injection, the
first basic
method is not
to use
dynamically
build sql
statements.
Use sql stored
procedures as
much as
possible.
Do not use
again sql
statements
build using
string methods
even in stored
procs.
Eralper
http://www.kody
az.com
http://www.eral
per.com |