Timeline for Why put a simple query into a stored procedure in a web service?
Current License: CC BY-SA 3.0
3 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Aug 13, 2012 at 2:56 | comment | added | Carson63000 | @IsaacFife: sounds like you've already hit that happy moment in the life of a junior programmer where you discover that some of the senior programmers are just older than you, not actually better programmers. :-) | |
| Aug 13, 2012 at 0:35 | comment | added | Isaac Fife | Thanks for your input! The strange part of it is, before I started here they never used ADO.Net parameters to prevent injection. I had to show him what it was. He was using a homemade SQL cleaner method on each parameter before he concatenated it to the SQL string. I completely understand your answer, but since the beginning I've felt like I've been the one making sure these sites are secure. I'll give this a day or two before I choose who to give a check mark to. | |
| Aug 13, 2012 at 0:20 | history | answered | pdr | CC BY-SA 3.0 |