Re: Options for poorly performing SQL

From: Stephane Faroult <>
Date: Mon, 04 Feb 2013 16:30:10 +0100
Message-ID: <>


> They refuse to even look at the statement because
> it is dynamically created in the application using javaScript.

That's the best part. Try to read on how easily one can tweak client-side scripting, lecture somebody high enough in the hierarchy on SQL injection, and I think that your application will be changed very fast.

HTH, S Faroult

Received on Mon Feb 04 2013 - 16:30:10 CET

Original text of this message