Dear Anyone,
One of the common usage of report parameters in reporting services is having a free form text. One of the common ways of bringing data to RS is by using stored procs -- usually taking inputs from report parameters.
Does RS2005 have safeguards for SQL Injections and other hacking problems?
Thanks,
Joseph
RS uses the .Net SqlClient classes for building its queries. These classes guard against SQL injections issues.sql
No comments:
Post a Comment