SQL Injection – Beyond the BasicsCommented on: 2 years ago
(June 1, 2012)
Excellent article except that the database access rights should be the bare minimum required. Ideally all insert, update and delete should be by stored procedures and only select access on the user...
Microsoft seems to be bent on marginalizing SQL Server Standard Edition—both in the sense of the artificial constraints placed upon how much memory it can use, and in terms of what seems to be a shift in focus on the role of Standard Edition from Microsoft....More