It has been a long time since I wrote about SQL Humor. The following cartoon has been sent to me more than 10 times so far by many users. I did not publish it till now as it has been quite popular and I believed many people had already seen it. However, recently a quite big personality asked me why I have not included this in my blog, so I have finally decided to include it. Let us read humor about SQL Injection.
If you have not understood it, please leave a comment here. I will do my best to explain. One of the recommendations I give is about not using Dynamic SQL. There might be some situations where you can’t avoid it. My only advice would be: avoid it if possible. In this blog post, I will demonstrate a SQL Injection problem due to dynamic SQL and a possible solution you can have. Many have claimed SQL Injection is a SQL Server problem. It takes quite some time for me to let them know that SQL Injection has nothing to do with SQL Server in particular. SQL Injection is an outcome of wrong coding practices.
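The dynamic SQL problem described above, shown as an added T-SQL example that is not code from the original post: the same lookup written with string concatenation, with a parameterized `sp_executesql` call, and with no dynamic SQL at all. The table `dbo.Students`, the procedure names and the input string are constructed for illustration.

```sql
-- Constructed sample table and rows (not from the original post).
CREATE TABLE dbo.Students (
    StudentID INT IDENTITY(1,1) PRIMARY KEY,
    FullName  NVARCHAR(100) NOT NULL
);
INSERT INTO dbo.Students (FullName) VALUES (N'Alice'), (N'Bob'), (N'Carol');
GO

-- Vulnerable: the caller's value is concatenated into the statement text,
-- so a quote inside it ends the literal and the rest is parsed as SQL.
CREATE PROCEDURE dbo.FindStudent_Dynamic
    @Name NVARCHAR(100)
AS
BEGIN
    DECLARE @sql NVARCHAR(MAX) =
        N'SELECT StudentID, FullName FROM dbo.Students WHERE FullName = N'''
        + @Name + N'''';
    EXEC (@sql);
END;
GO

-- When dynamic SQL cannot be avoided: the statement text is fixed and the
-- value travels separately as a typed parameter, so it is never parsed.
CREATE PROCEDURE dbo.FindStudent_Parameterized
    @Name NVARCHAR(100)
AS
BEGIN
    DECLARE @sql NVARCHAR(MAX) =
        N'SELECT StudentID, FullName FROM dbo.Students WHERE FullName = @pName';
    EXEC sys.sp_executesql @sql, N'@pName NVARCHAR(100)', @pName = @Name;
END;
GO

-- Preferred when possible: no dynamic SQL at all.
CREATE PROCEDURE dbo.FindStudent_Static
    @Name NVARCHAR(100)
AS
BEGIN
    SELECT StudentID, FullName FROM dbo.Students WHERE FullName = @Name;
END;
GO

-- Constructed input containing a quote and an always-true predicate.
DECLARE @input NVARCHAR(100) = N'x'' OR 1 = 1 --';
EXEC dbo.FindStudent_Dynamic       @Name = @input; -- input becomes part of the WHERE clause
EXEC dbo.FindStudent_Parameterized @Name = @input; -- input is compared as a plain value
EXEC dbo.FindStudent_Static        @Name = @input; -- input is compared as a plain value
```

Comparing the three result sets for the same input shows that the difference comes from how the query is built, not from the database engine.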
Here is an amazing article on this subject.
Reference : Pinal Dave (http://blog.SQLAuthority.com), Original Location of Cartoon.