03-12-2007, 12:35 AM
|
|
my alter ego
|
|
|
Last photo:
|
|
Join Date: May 2005
Location: little kansas
Posts: 100
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
http://www.spidynamics.com/whitepape...LInjection.pdf
Quote:
Dead Ends
There are situations that you may not be able to defeat without an enormous
amount of effort, if at all. Occasionally you’ll find yourself in a query that you
just can’t seem to break. No matter what you do, you get error after error
after error. Many times, this is because you’re trapped inside a function
that’s inside a WHERE clause, and the WHERE clause is in a subselect which is an
argument of another function whose output is having string manipulations
performed on it and then used in a LIKE clause which is in a subselect
somewhere else. Not even SQL Server’s “;- -” can rescue you in those
cases.
|
|