This document provides information about SQL Injection attacks and how the risks associated with them are mitigated in the DataFlex application environment. When SQL statements written by a developer are included in an application program for direct execution by an SQL server, the developer is responsible for making sure that his or her programming style does not let the guard down for threats like SQL Injection or other risks.
What is an SQL Injection attack?
Are Visual DataFlex projects that use one of the Data Access CLI connectivity kits (DB2 Connectivity Kit, ODBC Connectivty Kit and Microsoft SQL Server Connectivty Kit) vulnerable for attacks described as SQL Injection?
From time to time we get this question because people read about SQL injection and with the CLI drivers you talk via ODBC to an SQL based server. To answer this question correctly one first needs to understand what SQL injection really is. Let's look what Microsoft
Updated 13-Feb-2011 at 02:01 AM by Vincent Oorsprong