Posted by Trevor Best on 12/05/05 10:33
Danny wrote:
> In general its not a security concern unless you are restricting columns
> through a view. New columns would show up (assuming the view was
> refreshed). Basically select * should be avoided unless it is the intend to
> expose all columns no matter what. The bigger concern is when it's embeded
> in code. The code could break if columns are changed.
If you have "select * from table1" in code and drop column2 how is that
different from having "select column1, column2, column3 from table1" in
code and dropping column2? (apart from the error ocurring on a different
line of code of course:-))
[Back to original message]
|