T-SQL Smarts -- Preventing Injection Attacks Working with dynamic SQL is all well and good, but avoid the risks that can lead to your code being susceptible to a SQL injection attack.

Part 1 of this article introduced four new T-SQL functions available in SQL Server 2012. Part 2 has the rest.