In response to a SQL injection attack, I have a product description field that I would like to add a constraint to.
EMS tells me I cannot do this as the field is of the text data type and not varchar. The field needs to be able to handle over 8000 characters, hence the text data type.
Is there any way I can make sure that data entered into that field does not contain the string 'script'?
For varchars I have the following constraint:
not [FieldName] like '%script%'