SQLFacts: Injection in SQL SERVER

SQLFacts: Injection in SQL SERVER: SQL injection is a technique where  hacker  can inject SQL commands into an SQL statement, via web page.Injected SQL commands can comprom...
at

Why we can't execute a stored procedure from a User Defined function(UDF)

Functions cannot "touch" any database but read them only. Stored procedures can do anything and everything with databases. You ...