Liquid Egg Product

Hip Hop Coding

I’ve never used Dynamic SQL before yesterday.

If you used to, still do, or think you will use it, the article The Curse and Blessings of Dynamic SQL seems to be an excellent write-up on some important aspects. Including defending against dreaded SQL injection attacks.

On help forums where someone responds “Use Dynamic SQL!”, there’s a good chance there will an example like the following:

DECLARE @SQL nvarchar(2000) SET @SQL = 'SELECT * FROM TableName WHERE Server = ''' + @ServerID + '''' EXEC (@SQL)

However, simply using EXEC is not a very good practice. Instead sp_executesql can be used to allow a more secure parameterized query:

DECLARE @SQL nvarchar(2000) SET @SQL = 'SELECT * FROM TableName WHERE Server = @ServerID' EXEC sp_executesql @sql, N'@ServerID nvarchar(100)', @TableName

For some reason, the syntax created a mental image of a du-rag clad Darius N’ServerID rapping about the virtues of Dynamic SQL.

October 20th, 2009 5 comments
Posted by Donnie Filed under Computer-fu

Search for:
Stuff
LEPers on FICS
Recent Comments
- Katrushka says: Oh good, now he’s going to see how...
- Donnie says: Actually, Mr. E is taking care of Aronian. I...
- Q says: Donnie’s been busy trying to foil Aronian...
- Donnie says: I haven’t been playing much chess at...
- Robert says: Triple
- Tom Shelton says: have you stopped playing at FICS or are...
- The Mascot says: Allegedly, Paul Truong and Sam Sloan...
October 2009

M T W T F S S

« Sep Nov »

1 2 3 4

5 6 7 8 9 10 11

12 13 14 15 16 17 18

19 20 21 22 23 24 25

26 27 28 29 30 31
Chess Blogs
Enemies
Not-Enemies
Pseudo-ads
Zombies
Corpses
Tag Cloud

Babes & Alleged Babes Bad Ads Bad Movie Night Blog News Burning Agony CG Chess Computer-fu Corridors & Creatures Eggony Eggs Vs Humans Entertainment Gaming Grilled Cheese History In the News Mascot for President Mathematics Monday Fighter! North Korea Patently Ineffective Random Religion Science/Technology Snake Oil Sports Tournament of Lepers Uncategorized Uncomfortability Weaksauce Losers
Størê de Gârbágè

Too s-eggs-y for these shirts?
Archives
- February 2012 (3)
- January 2012 (6)
- December 2011 (8)
- November 2011 (6)
- October 2011 (11)
- September 2011 (1)
- August 2011 (6)
- July 2011 (4)
- June 2011 (5)
- May 2011 (4)
- April 2011 (11)
- March 2011 (11)
- February 2011 (6)
- January 2011 (3)
- December 2010 (10)
- November 2010 (7)
- October 2010 (12)
- September 2010 (9)
- August 2010 (12)
- July 2010 (11)
- June 2010 (14)
- May 2010 (19)
- April 2010 (13)
- March 2010 (15)
- February 2010 (11)
- January 2010 (10)
- December 2009 (8)
- November 2009 (11)
- October 2009 (20)
- September 2009 (20)
- August 2009 (14)
- July 2009 (21)
- June 2009 (20)
- May 2009 (19)
- April 2009 (17)
- March 2009 (17)
- February 2009 (11)
- January 2009 (12)
- December 2008 (18)
- November 2008 (15)
- October 2008 (26)
- September 2008 (15)
- August 2008 (13)
- July 2008 (17)
- June 2008 (18)
- May 2008 (14)
- April 2008 (19)
- March 2008 (27)
- February 2008 (32)
- January 2008 (29)
- December 2007 (34)
- November 2007 (47)
- October 2007 (53)
- September 2007 (70)
- August 2007 (49)
- July 2007 (64)
- June 2007 (83)
- May 2007 (14)
ATOM
- Stay Crunchy
RSS
- Stay Crunchy

M	T	W	T	F	S	S
« Sep				Nov »
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

Hip Hop Coding

Stuff

LEPers on FICS

Recent Comments

Chess Blogs

Enemies

Not-Enemies

Pseudo-ads

Zombies

Corpses

Tag Cloud

Størê de Gârbágè

Archives

ATOM

RSS