|
|
|
|
|
|
by joubee
5194 days ago
|
|
|
codinghorror.com: Give me parameterized SQL, or give me death http://www.codinghorror.com/blog/2005/04/give-me-parameteriz... I have fairly strong feelings when it comes to the stored procedures versus dynamic SQL argument, but one thing is clear: you should never, ever use concatenated SQL strings in your applications. Give me parameterized SQL, or give me death. There are two good reasons you should never do this. [I need to spend some time looking at this - tyvm benologist] |
|
|