Re: Is it possible to sql inject this code?

From: "Uri Dimant" <urid@xxxxxxxxxxx>
Date: Thu, 19 Jan 2006 11:49:54 +0200

No

"Dixon" <vijaydixon@xxxxxxxxx> wrote in message
news:1137662421.965015.301250@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Is it possible to sql inject this code?
> ------------------------------------------------------------------------------------------------------------------------------------------------
>
> ALTER PROCEDURE Sp_Login
> (@username as nvarchar(100),@password as nvarchar(100))
> AS
> select count (*)from Tablename where Username=@username and
> Password=@password
>
>
> RETURN
> ------------------------------------------------------------------------------------------------------------------------------------------------
>

.

References:
- Is it possible to sql inject this code?
  - From: Dixon

Prev by Date: Is it possible to sql inject this code?
Next by Date: Changing SQL default port - pros/cons
Previous by thread: Is it possible to sql inject this code?
Next by thread: Re: Is it possible to sql inject this code?
Index(es):
- Date
- Thread

Relevant Pages

Is it possible to sql inject this code?
... ALTER PROCEDURE Sp_Login ... (@username as nvarchar(100),@password as nvarchar) ... Prev by Date: ...
(microsoft.public.sqlserver.security)
Is it possible to sql inject this code?
... ALTER PROCEDURE Sp_Login ... (@username as nvarchar(100),@password as nvarchar) ... Prev by Date: ...
(microsoft.public.sqlserver.security)
Capture return value from stored proc
... how do i capture the return valuer from this SP? ... alter procedure dbo.TableExists ... @tablename as varchar ...
(microsoft.public.vb.database)