{"id":75975,"date":"2024-04-27T22:30:10","date_gmt":"2024-04-28T02:30:10","guid":{"rendered":"https:\/\/bangla.sitestree.com\/sql-server-dynamic-sql-stored-procedure-cursor-sql-injection-and-similar\/"},"modified":"2024-04-27T22:30:10","modified_gmt":"2024-04-28T02:30:10","slug":"sql-server-dynamic-sql-stored-procedure-cursor-sql-injection-and-similar","status":"publish","type":"post","link":"http:\/\/bangla.sitestree.com\/?p=75975","title":{"rendered":"SQL Server: Dynamic SQL, Stored Procedure, Cursor, SQL Injection, and similar"},"content":{"rendered":"<h1>SQL Server: Dynamic SQL, Stored Procedure, Cursor, SQL Injection, and similar<\/h1>\n<p><a href=\"https:\/\/youtu.be\/uje72uNAT6I?list=PLUA7SYgJYDFoharKbJxz2Hxw6xQITXvBn\">https:\/\/youtu.be\/uje72uNAT6I?list=PLUA7SYgJYDFoharKbJxz2Hxw6xQITXvBn<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>SQL Server: Dynamic SQL, Stored Procedure, Cursor, SQL Injection, and similar https:\/\/youtu.be\/uje72uNAT6I?list=PLUA7SYgJYDFoharKbJxz2Hxw6xQITXvBn<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[182],"tags":[],"class_list":["post-75975","post","type-post","status-publish","format-standard","hentry","category---blog","item-wrap"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":75827,"url":"http:\/\/bangla.sitestree.com\/?p=75827","url_meta":{"origin":75975,"position":0},"title":"MS SQL Server Dynamic SQl, T-SQL","author":"Sayed","date":"June 25, 2023","format":false,"excerpt":"MS SQL Server Dynamic SQl, T-SQL Mostly: Dynamic SQL Stored Procedure Trigger Cursor Function Sayed Ahmed What are the Most Important Most Used Design ERD Convert ERD to database Normalization Indexing SQL Stored Procedure Dynamic SQL These will come, not too frequent Function, User Defined Data Types, Temporary Table Trigger,\u2026","rel":"","context":"In &quot;\u09ac\u09cd\u09b2\u0997 \u0964 Blog&quot;","block_context":{"text":"\u09ac\u09cd\u09b2\u0997 \u0964 Blog","link":"http:\/\/bangla.sitestree.com\/?cat=182"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":76602,"url":"http:\/\/bangla.sitestree.com\/?p=76602","url_meta":{"origin":75975,"position":1},"title":"Dynamic SQL","author":"Sayed","date":"January 30, 2025","format":false,"excerpt":"\"Dynamic SQL is the SQL statement that is constructed and executed at runtime based on input parameters passed\" https:\/\/www.sqlshack.com\/dynamic-sql-in-sql-server\/ Example: ChatGPT DECLARE @sql AS NVARCHAR(MAX) SET @sql = 'SELECT * FROM Employees WHERE Department = ''' + @department + '''' EXEC sp_executesql @sql Another Example: Oracle table_name := 'HR.Employees'; dyn_sql\u2026","rel":"","context":"In &quot;Root&quot;","block_context":{"text":"Root","link":"http:\/\/bangla.sitestree.com\/?cat=1"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":69249,"url":"http:\/\/bangla.sitestree.com\/?p=69249","url_meta":{"origin":75975,"position":2},"title":"What are cursors? #38","author":"Author-Check- Article-or-Video","date":"August 15, 2021","format":false,"excerpt":"Cursors are server side database objects that are used by applications to apply operations on the database table data on a row-by-row basis. The operations may vary from one row to another row dynamically based on the requirements (business logic) and also multiple operations can be performed on the same\u2026","rel":"","context":"In &quot;FromSitesTree.com&quot;","block_context":{"text":"FromSitesTree.com","link":"http:\/\/bangla.sitestree.com\/?cat=1917"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":76598,"url":"http:\/\/bangla.sitestree.com\/?p=76598","url_meta":{"origin":75975,"position":3},"title":"What is a Dynamic Cursor in Oracle PL\/SQL","author":"Sayed","date":"January 29, 2025","format":false,"excerpt":"Dynamic\/Ref Cursor CREATE OR REPLACE PROCEDURE query_invoice( month VARCHAR2, year VARCHAR2) IS TYPE cur_typ IS REF CURSOR; c cur_typ; query_str VARCHAR2(200); inv_num NUMBER; inv_cust VARCHAR2(20); inv_amt NUMBER;BEGIN query_str := 'SELECT num, cust, amt FROM inv_' || month ||'_'|| year || ' WHERE invnum = :id'; OPEN c FOR query_str USING\u2026","rel":"","context":"In &quot;Root&quot;","block_context":{"text":"Root","link":"http:\/\/bangla.sitestree.com\/?cat=1"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/bangla.sitestree.com\/wp-content\/uploads\/2025\/01\/image-20.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":75826,"url":"http:\/\/bangla.sitestree.com\/?p=75826","url_meta":{"origin":75975,"position":4},"title":"Some Topics to Know and Understand to prepare for a DBMS related Job Interview","author":"Sayed","date":"June 25, 2023","format":false,"excerpt":"Some Topics to Know and Understand to prepare for a DBMS related Job Interview ACID ACID: https:\/\/www.geeksforgeeks.org\/acid-properties-in-dbms Database Normalization 1NF: No repeating groups possible for a cell, PK identified, dependencies mapped 2NF: No Partial Dependence. Non key attributes must have to depend on the full key 3NF: No transitive dependency.\u2026","rel":"","context":"In &quot;\u09ac\u09cd\u09b2\u0997 \u0964 Blog&quot;","block_context":{"text":"\u09ac\u09cd\u09b2\u0997 \u0964 Blog","link":"http:\/\/bangla.sitestree.com\/?cat=182"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":78165,"url":"http:\/\/bangla.sitestree.com\/?p=78165","url_meta":{"origin":75975,"position":5},"title":"Oracle PL\/SQL Concepts","author":"Sayed","date":"May 14, 2025","format":false,"excerpt":"Oracle PL\/SQL Concepts BLOCK declare .... Begin...End. Cursor Trigger Programming Clauses: if..then...else, case when, loops (for, while) Stored Procedure Function Advanced SQLs and Analytics Functions GROUP BY ROLLUP(), GROUP BY CUBE() RANK(), DENSE_RANK(), ROW_NUMBER() PARTITION_BY, ORDER BY X NULLS Last, ORDER BY X NULLS FIRST, RANGE BETWEEN INTERVAL 30 DAY\u2026","rel":"","context":"In &quot;Root&quot;","block_context":{"text":"Root","link":"http:\/\/bangla.sitestree.com\/?cat=1"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts\/75975","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=75975"}],"version-history":[{"count":0,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts\/75975\/revisions"}],"wp:attachment":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=75975"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=75975"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=75975"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}