http://ayende.comAyende @ RahienCopyright (C) Ayende Rahien 2004 - 2021 (c) 202660This would be a good place for one of us SP lovers to make a comment, but I will hold back :) http://ayende.com/2725/how-to-test-for-sql-injections#comment4http://ayende.com/2725/how-to-test-for-sql-injections#comment4Fri, 31 Aug 2007 14:18:38 GMTHehe. Fair enough. http://ayende.com/2725/how-to-test-for-sql-injections#comment3http://ayende.com/2725/how-to-test-for-sql-injections#comment3Wed, 22 Aug 2007 13:05:10 GMTJoe '; DROP DATABASE *; -- http://ayende.com/2725/how-to-test-for-sql-injections#comment2http://ayende.com/2725/how-to-test-for-sql-injections#comment2Wed, 22 Aug 2007 07:44:58 GMTA better test would drop master or msdb, that way the test could be re-used for other projects. WAITFOR DELAY '00:00:30' works too. http://ayende.com/2725/how-to-test-for-sql-injections#comment1http://ayende.com/2725/how-to-test-for-sql-injections#comment1Tue, 21 Aug 2007 23:27:01 GMT