Disclaimer

This was my personal weblog originally hosted by UgiDotNet, written mostly in Italian.

This blog is now part of my new site:
These postings are provided 'AS IS' with no warranties, and confer no rights. The views expressed on this weblog are mine alone and do not necessarily reflect the views of my employers.

SQL Ejaculation

No, don't get the wrong idea... it's just that if I found something like this in code I have to maintain, I would immediately cut off the hands of the programmer/DBA!

...CUT... The exact opposite of SQL Injection is (named by me) SQL Ejaculation. SQL Ejaculation is the practice of DBAs trying to insert their idea of view logic into an application via stored procedures.

Here is a classic example of SQL Ejaculation.

CREATE PROCEDURE sp_getCustomers
AS
SELECT "<tr><td>" + FirstName + "</td><td>" + LastName + "</td></tr>"
FROM Customer

Read the rest at the source: SQL Ejaculation
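
An added example, not from the original post or the quoted source: a Python/SQLite comparison of the quoted procedure's approach with a data-only query whose rows are rendered and HTML-encoded in the view layer. The table contents are constructed, SQLite's `||` stands in for T-SQL's `+`, and the function names are hypothetical.

```python
import html
import sqlite3

# Constructed sample data; the second last name contains markup characters.
ROWS = [("Anna", "Bianchi"), ("Marco", "<i>Rossi</i> & Figli")]


def open_db():
    """In-memory stand-in for the Customer table used by the quoted procedure."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Customer (FirstName TEXT, LastName TEXT)")
    db.executemany("INSERT INTO Customer VALUES (?, ?)", ROWS)
    return db


def rows_markup_in_sql(db):
    # Same shape as the quoted procedure (SQLite uses || where T-SQL uses +).
    # The database emits finished table rows; column values are not encoded.
    sql = ("SELECT '<tr><td>' || FirstName || '</td><td>' || LastName "
           "|| '</td></tr>' FROM Customer ORDER BY rowid")
    return [r[0] for r in db.execute(sql)]


def get_customers(db):
    # Data-only query: the database returns columns, not presentation.
    return db.execute(
        "SELECT FirstName, LastName FROM Customer ORDER BY rowid").fetchall()


def render_rows(customers):
    # The view layer owns the markup and encodes every value for HTML.
    return ["<tr><td>{}</td><td>{}</td></tr>".format(
        html.escape(first), html.escape(last)) for first, last in customers]


if __name__ == "__main__":
    db = open_db()
    for line in rows_markup_in_sql(db) + render_rows(get_customers(db)):
        print(line)
```

With the markup built in SQL, whatever characters are stored in `LastName` reach the page unencoded; the view-layer version encodes them before they are placed in the row.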

Posted on Saturday, 22 March 2008, 16:52

Feedback

# re: SQL Ejaculation

This is the real software-as-a-service... ingenico.
22/03/2008 21:15 | Alesssandro Scardova