Sorry, sprocs aren't immune to SQL injection, see
https://blogs.msdn.microsoft.com/brian_swan/2011/02/16/do-stored-procedures-protect-against-sql-injection, it depends on how they're written---if an sproc permits dynamic SQL, injection is possible; on the info you've provided so far, sql injection can't be ruled in or out.
Please answer: is the binary log enabled, are other logs enabled, is there replication, what does the error log show? Without such info, speculation on the cause of the problem is a waste if time.
> As I get in my office tomorrow I will try to have a look at the logs. Cannot do it from here.
For a production app like this there
must be a dba onsite or with remote access.
Edited 1 time(s). Last edit at 01/15/2019 02:51PM by Peter Brawley.