In my stored procedure I have a cursors that loops through another table and gets database column names and values to extend my query. After that my query will be executed with:
EXECUTE sp_executesql @SQLQuery, @ParamDefinition, @Value..;
Everything is fine, if my cursor returns only one column. If I have two columns and the first column is a bit and the second a nvarchar, I get the following error:
Failed to convert the nvarchar value “% apple%” to the bit data type.
I’ve read several posts and know now, that I need to cast my value, to get rid of that message.
Actually I add the value to my SQLQuery like that:
SET @SQLQuery = @SQLQuery + '@value'
To get rid of that error message above I need to write it like that (don’t ask me why there are 4 quotation marks needed :-D):
SET @SQLQuery = @SQLQuery + '''' + CAST(@value AS nvarchar(100)) + ''''
Ok and now we are at my actual question. The First ‘SET @SQLQuery..’ Part is injection safe. The second isn’t. Is there any way to get it injection safe?
I’ve read here: Can't cast a stored procedure parameter? that it isn’t possible to write the expression into the parameter (in my case @value)
I’ve also tried to cast it like that:
SET @value = CAST(@value AS nvarchar(100))
and also with quotation marks, but it doesn’t work. I get the same error message like above.
Dynamic SQL queries can be very frustrating
✓ Extra quality
ExtraProxies brings the best proxy quality for you with our private and reliable proxies
✓ Extra anonymity
Top level of anonymity and 100% safe proxies – this is what you get with every proxy package
✓ Extra speed
1,ooo mb/s proxy servers speed – we are way better than others – just enjoy our proxies!
USA proxy location
We offer premium quality USA private proxies – the most essential proxies you can ever want from USA
Our proxies have TOP level of anonymity + Elite quality, so you are always safe and secure with your proxies
Use your proxies as much as you want – we have no limits for data transfer and bandwidth, unlimited usage!
Superb fast proxy servers with 1,000 mb/s speed – sit back and enjoy your lightning fast private proxies!
99,9% servers uptime
Alive and working proxies all the time – we are taking care of our servers so you can use them without any problems
No usage restrictions
You have freedom to use your proxies with every software, browser or website you want without restrictions
Perfect for SEO
We are 100% friendly with all SEO tasks as well as internet marketing – feel the power with our proxies
Buy more proxies and get better price – we offer various proxy packages with great deals and discounts
We are working 24/7 to bring the best proxy experience for you – we are glad to help and assist you!