What is a safe subset of SQL that can be exposed to a third-party, like support or customer?
A safe subset might be so small it’s not usable, but still, would allowing only a certain character set be safe? What about white-listing certain tokens in the stream?
sql injection syntax
i’v been asked: