Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
You may refer to this post of mine
SQL going nuts! does not accept parameters,?
Simply put I don’t have a choice I have to take input of which table the user wants and what the user wants from that table.
Please suggest a secure way to achieve this, within the limitations of the code
Thank you.
Why don’t you just define the what each user can do by means of application roles in your SQL Server database – then you just try to select something, and if that user doesn’t have the necessary rights, you’ll get an exception that you can handle.
Seems the easiest rather than building your own elaborate security system – there are always potential flaws and gaping holes in those “I’ll roll my own” schemes…….