You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Require sql to only include placeholders like @value1@value2 etc. (or ?, ?, ?) and provide the resolution separately.
Automatically convert all tokens in the SQL to parameters, and supply them separately (so the SQL would contain Select * from Events where CategoryId = [QueryString:CatId] - but would then be converted to Select * ... where CategoryId = @par1
I personally prefer #2, but there is a minor problem that you might otherwise write sql with quotes or merged strings like WHERE SomeColumn = 'InitialText' + '[QueryString:...]' which would require you to remove the quotes. So there may be a break between preparing SQL in another tool and copy/pasting it to the DnnSqlDataSource
The text was updated successfully, but these errors were encountered:
Various Ideas
I personally prefer #2, but there is a minor problem that you might otherwise write sql with quotes or merged strings like WHERE SomeColumn = 'InitialText' + '[QueryString:...]' which would require you to remove the quotes. So there may be a break between preparing SQL in another tool and copy/pasting it to the DnnSqlDataSource
The text was updated successfully, but these errors were encountered: