I have a general question. We are migrating a Manufacturing Plant MIS system from DBF to SQL 2008 R2.
We are ready to release our initial version to a few beta customers.
But I have read alot about SQL injection attacks and how you should never code queries into your program but pass parameters to stored procedures.
Is this a concern mostly for web applications? Or is it also a concern with desktop applications written in VB6 and VB2012?