Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Best Practices for SQL Injection when using BDC with parameterized stored procedures

  Asked By: Hope    Date: Jun 04    Category: Sharepoint    Views: 1159

I have a regular Application Definition file which maps a series of stored procedures in a database, to which I want to make available to Sharepoint Web Parts.

The stored procedures need to be sent parameters, which in some cases are are concatenated to create the T-SQL Text.

In the web app which were using the stored procedues LINQ was used which created parameters before they were sent to SQL. The BDC does not have this capability, as far as I know.

Therefore, is there a way to overcome this while using the BDC with paramaterized Stored Procedures?



No Answers Found. Be the First, To Post Answer.