I'm thinking of implementing centralised validation of input at a database level for protecting against sql injection. I do not trust this only be done at application level.
Nested stored procedures might be a way to do this.
Any thoughts on this?
Cheers,
Frank
--
Frank Kalis
Microsoft SQL Server MVP
Webmaster: http://www.insidesql.org/blogs
My blog: http://www.insidesql.org/blogs/frankkalis/[/url]