Welcome: Guest!

Sharepoint Forum

 
Home » Forum » Sharepoint       Ask a questionRSS Feeds

Best Practices for SQL Injection when using BDC with parameterized stored procedures

  Asked By: Hope Aguilar         Date: Jun 04, 2009      Category: Sharepoint      Views: 255
 

I have a regular Application Definition file which maps a series of stored procedures in a database, to which I want to make available to Sharepoint Web Parts.

The stored procedures need to be sent parameters, which in some cases are are concatenated to create the T-SQL Text.

In the web app which were using the stored procedues LINQ was used which created parameters before they were sent to SQL. The BDC does not have this capability, as far as I know.

Therefore, is there a way to overcome this while using the BDC with paramaterized Stored Procedures?


Do you know someone who can help? Share a link to this thread on twitter, or facebook.

Tagged:                        

 

No Answers Found. Be the First, To Post Answer.

 


Your Answer
  • Answer should be atleast 30 Characters.
  • Please put code inside [Code] your code [/Code].

 
Hall of Fame  |  Facebook  |  Twitter  |  LinkedIn  |  Terms of Use  |  Privacy Policy  |  Contact us
RSS Feeds: Articles |  Forum |  New Users |  Activities |  Interview FAQ |  Poll |  Hotlinks


Go4Sharepoint, is a Microsoft Featured Community. Microsoft, Windows, Sharepoint, Sharepoint logo, Windows logo, etc are trademarks of the Microsoft Corporation. All product names, logos, copyrights, and trademarks mentioned are acknowledged as the registered intellectual property of their respective owners. This site is not in any way affiliated with, nor has it been authorized, sponsored, or otherwise approved by, Microsoft Corporation.

Copyright © 2008-2011