BuildSafe_InClauseTextList for more than 3 parameter and for sorting

I am trying to remove the warning "Avoid enabling the Expand Inline property of a SQL Query Parameter since it could make your application vulnerable to SQL injection" using BuildSafe_InClauseTextList and I was able to do with the help of this link and this.

and if I use https://www.outsystems.com/forums/discussion/78877/converting-text-to-textliteral/ this method it is giving an error -> invalid character

but how can I do it if I have more than 3 parameter if that expand inline is YES , should I add 3 BuildSafe_InClauseTextList action for all the parameters which contain expand inline YES ,

please suggest ,

Thanks

Nandini

14 days ago

Kavinilammurugu

Hi Nandini,
if any of the 3 parameters are from an aggregate, instead of passing the values as input. you can do a sub-query in your AdvancedSQL.
if the parameter values not from aggregates, then its better to use BuildSafe_InClauseTextList ot BuildSafe_InClauseIntegerList.

Thanks

Kavin

13 days ago

Daniël Kuhlmann

mvp_badge

MVP

Hi Nandini,

It would help to understand better your question if you share screenshot of your advances SQL with what type of input parameters you are passing and how you use them in your SQL statement.

Regards,

Daniel

13 days ago

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.

See the full guidelines