What is the Sql Server equivalent for Oracle's DBMS_ASSERT?

Posted by dotNetYum on Stack Overflow See other posts from Stack Overflow or by dotNetYum
Published on 2009-11-11T22:05:43Z Indexed on 2010/05/22 21:10 UTC
Read the original article Hit count: 174

Filed under:
|
|
|

DBMS_ASSERT is one of the keys to prevent SQL injection attacks in Oracle. I tried a cursory search...is there any SQL Server 2005/2008 equivalent for this functionality?

I am looking for a specific implementation that has a counterpart of all the respective Oracle package members of DBMS_ASSERT.

  • NOOP
  • SIMPLE_SQL_NAME
  • QUALIFIED_SQL_NAME
  • SCHEMA_NAME

I know the best-practices of preventing injection...bind variables...being one of them.
But,in this question I am specifically looking for a good way to sanitize input...in scenarios where bind-variables were not used.

Do you have any specific implemetations?
Is there a library that actually is a SQL Server Port of the Oracle package?

© Stack Overflow or respective owner

Related posts about sql

Related posts about sql-server