Is it possible to sql inject this code?

Is it possible to sql inject this code?
------------------------------------------------------------------------------------------------------------------------------------------------

ALTER PROCEDURE Sp_Login
(@username as nvarchar(100),@password as nvarchar(100))
AS
select count (*)from Tablename where Username=@username and
Password=@password


RETURN
------------------------------------------------------------------------------------------------------------------------------------------------

.

Relevant Pages

  • Is it possible to sql inject this code?
    ... ALTER PROCEDURE Sp_Login ... (@username as nvarchar(100),@password as nvarchar) ... Prev by Date: ...
    (microsoft.public.sqlserver.security)
  • Re: Is it possible to sql inject this code?
    ... > Is it possible to sql inject this code? ... > ALTER PROCEDURE Sp_Login ... Prev by Date: ...
    (microsoft.public.sqlserver.security)
  • Re: max min question
    ... > say username is TOM ... SELECT max,min,sumFROM tablename ... to use a query to normalize this data. ... "qNormalizedData" using this sql (it's a union query): ...
    (microsoft.public.inetserver.asp.db)
  • Re: Checking for value in a table
    ... Dim MyDB As DAO.DataBase, MyRec As Dao.RecordSet ... Set MyRec = MyDB.OpenRecordSet("Select * From TableName Where ... > the text value "Username" then return the the value in the second column ...
    (microsoft.public.access.modulesdaovba)
  • Re: max min question
    ... Instead of one row for each username, there would be 6 for each, thus making ... > Your table design is not normalized, making this a much more difficult ... > SELECT max,min,sumFROM tablename ... > union all ...
    (microsoft.public.inetserver.asp.db)