预存程序可以利用拥有权链结提供对资料的存取,如此使用者即使没有明确的权限,也可以存取资料库物件。
Stored procedures take advantage of ownership chaining to provide access to data so that users do not need to have explicit permission to access database objects.
这位使用者仅存在资料库中,而且与登入没有任何关联。
This user exists in the database only and is not associated with a login.
只要不信任来自任一使用者甚至是资料库的所有资讯,即可防止指令码遭到入侵。
You help guard against script exploits by not trusting any information that comes from a user or even from a database.
应用推荐