web

You’re offline. This is a read only version of the page.

News and Announcements icon

Dynamics 365 CommunityForums Microsoft Dynamics CRM (Archived) Fetch XML - prevent sq...

Microsoft Dynamics CRM (Archived)

Fetch XML - prevent sql injection

(0) Share

Report

Report

Posted on by Community Member

Hello

I am generating fetch xml queries in my server side code

I want to escape characters for <filter condition="like"...>

What should I do?

*This post is locked for comments

I have the same question (0)

All responses Img

All responses (2)

Answers Img

Answers (0)

Suggested answer

gdas 50,091 Moderator on at

Like (0)

Report

Hi Amir,

Can you please elaborate what is your requirement ? why you want to escape those characters ? Normally FetchXML are executed by internal dynamics CRM request method , so for me you don't need to worry about SQL injection in Dynamics CRM.

Was this reply helpful? Yes No
Suggested answer

LuHao 40,892 on at

Like (0)

Report
Hi Amir,

Could you provide your question background?

<filter condition="like"...>

can be converted into

WHERE column_name LIKE ...

Hope this helps.

Best Regards,

Lu Hao

Was this reply helpful? Yes No

Helpful resources

Quick Links

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1

SA-08121319-0 4

#1

Calum MacFarlane 4

#3

Alex Fun Wei Jie 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans