Re: SQL Server for Oracle DBAs
Date: Tue, 3 Jun 2008 14:32:59 -0700 (PDT)
On Jun 3, 1:00 pm, "Tony Rogerson" <tonyroger..._at_torver.net> wrote:
> "This is such an important topic, and not as many people are aware of it as
> I thought. Before we start with an answer, let's define the term SQL
> injection. SQL injection occurs when an application program accepts
> arbitrary SQL from an untrusted source (think "end user"), blindly adds it
> to the application's SQL, and executes it. It "
The Tom referred to in "asktom" has stated he enjoys explaining the differences between Oracle and the other db engines. I suggest you (and any other person going between engines) buy his books and study them carefully.
> Like I said - SQL Injection and the link you posted is all about coder
> problems; sloppy coding leads to SQL injection attacks - common to all
> Seriously, if you don't know what SQL Injection is - what the hell are you
> doing teaching?
I must say, I've seen lots of SQL-server and mysql and php error messages on web pages, some definitely not a good idea.
-- @home.com is bogus. "How to Break Web Software" http://catless.ncl.ac.uk/Risks/24.34.html#subj13 word: bophoReceived on Tue Jun 03 2008 - 16:32:59 CDT