What is the Sql Server equivalent for Oracle's DBMS_ASSERT?
Posted
by dotNetYum
on Stack Overflow
See other posts from Stack Overflow
or by dotNetYum
Published on 2009-11-11T22:05:43Z
Indexed on
2010/05/22
21:10 UTC
Read the original article
Hit count: 174
DBMS_ASSERT is one of the keys to prevent SQL injection attacks in Oracle. I tried a cursory search...is there any SQL Server 2005/2008 equivalent for this functionality?
I am looking for a specific implementation that has a counterpart of all the respective Oracle package members of DBMS_ASSERT.
- NOOP
- SIMPLE_SQL_NAME
- QUALIFIED_SQL_NAME
- SCHEMA_NAME
I know the best-practices of preventing injection...bind variables...being one of them.
But,in this question I am specifically looking for a good way to sanitize input...in scenarios where bind-variables were not used.
Do you have any specific implemetations?
Is there a library that actually is a SQL Server Port of the Oracle package?
© Stack Overflow or respective owner