SQL Consulting for Microsoft CRM

July 6, 2018

Which statement is true regarding  an SQL consultant's  use of user input as part of a dynamic SQL query?
A.  SQL Consulting recommend the string should be URL encoded by the input form to prevent errors.
B.  SQL consultants use the String.format () method should be used to prevent injection.
C.  SQL consultant uses quotes should be escaped to protect against SQL injection.

 D.  Free text input should not be allowed, to avoid SQL injection.

 

Discussion:  Use the string format to prevent injections and hijacking.

 

#SQLConsulting

 

 

Please reload

Our Recent Posts

Microsoft CRM Programmer and field construction

July 12, 2018

Microsoft Dynamics 365 Developer and system limits.

July 10, 2018

Microsoft CRM consultant using app designer

July 9, 2018

1/1
Please reload

Tags

1-310-722-1447

  • Microsoft Dynamics 365 Advisors
  • Microsoft CRM Advisors
  • Microsoft Dynamics 365 Advisors

©2018 BY MICROSOFT DYNAMICS 365 ADVISORS.