D
Drew
Bob pointed me in the right direction yesterday with his response to my
question "Operation is not allowed when the object is closed with Insert
Stored Procedure", but now I am having problems with his suggestion,
In that thread, Bob says,
"Actually, this technique is leaving you vulnerable to hackers using sql
injection. Part of the reason for using stored procedures with
parameters is so you don't have to resort to dynamic sql to execute
them. Here is how I would run this procedure:
conn.InsertTask "",varTaskID, varDescription,varAssignedTo"
I have edited the other SP's on the page, and am now getting the following
error,
Parameter object is improperly defined. Inconsistent or incomplete
information was provided.
I am unable to find documentation that cites this example, so I figured I
would come back here and see what advice I can get.
Thanks,
Drew
question "Operation is not allowed when the object is closed with Insert
Stored Procedure", but now I am having problems with his suggestion,
In that thread, Bob says,
"Actually, this technique is leaving you vulnerable to hackers using sql
injection. Part of the reason for using stored procedures with
parameters is so you don't have to resort to dynamic sql to execute
them. Here is how I would run this procedure:
conn.InsertTask "",varTaskID, varDescription,varAssignedTo"
I have edited the other SP's on the page, and am now getting the following
error,
Parameter object is improperly defined. Inconsistent or incomplete
information was provided.
I am unable to find documentation that cites this example, so I figured I
would come back here and see what advice I can get.
Thanks,
Drew