Examples/Safe_SqlInjection_1.ps1
|
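function Invoke-SafeQuery {
    <#
    .SYNOPSIS
    Returns the rows of Users whose UserName equals the supplied value,
    using a bound SQL parameter.

    .DESCRIPTION
    The previous form passed the value through Invoke-Sqlcmd -Variable.
    That switch sets sqlcmd scripting variables, which are substituted into
    the query text before it is sent and are referenced as $(name), not
    @name. The input was therefore never bound to @userName, and the
    example was parameterized in appearance only.

    This version binds @userName through SqlCommand.Parameters, so the
    value is sent to the server as data and is never parsed as SQL text.

    .PARAMETER nameInput
    User name to match. Treated as untrusted input.

    .PARAMETER ConnectionString
    Connection string for the target server. The default (local default
    instance, integrated security, login's default database) is an
    assumption that mirrors calling Invoke-Sqlcmd with no connection
    arguments; set it explicitly for your environment.

    .OUTPUTS
    System.Data.DataRow, one per matching row.
    #>
    param(
        $nameInput,
        [string]$ConnectionString = 'Server=localhost;Integrated Security=True'
    )

    # The query text is a constant; the only variable part is the bound parameter.
    $query = "SELECT * FROM Users WHERE UserName = @userName"

    $connection = New-Object System.Data.SqlClient.SqlConnection $ConnectionString
    try {
        $command = $connection.CreateCommand()
        $command.CommandText = $query

        # Bind the value instead of splicing it into the statement. A null
        # input is sent as SQL NULL, which matches no row under "=".
        $boundValue = if ($null -eq $nameInput) { [System.DBNull]::Value } else { [string]$nameInput }
        [void]$command.Parameters.AddWithValue('@userName', $boundValue)

        # Fill opens and closes the connection itself when it is not already open.
        $adapter = New-Object System.Data.SqlClient.SqlDataAdapter $command
        $table = New-Object System.Data.DataTable
        [void]$adapter.Fill($table)

        $table.Rows
    }
    finally {
        $connection.Dispose()
    }
}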