To start this off, I am well aware that parameterized queries are the best option, but I am asking what makes the strategy I present below vulnerable. People insist the belo
There is probably no 100% safe way if you are doing string concatenation. What you can do is try to check the data type of each parameter, and if all parameters pass such validation, then go ahead with execution. For example, if your parameter should be of type int and you’re getting something that can’t be converted to int, then just reject it.
This doesn’t work though if you’re accepting nvarchar parameters.
As others have already pointed out, the safest way is to use a parameterized query.
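The three cases the answer above describes, as an added example that is not part of the original question or answer: concatenation guarded by a strict integer check, concatenation of a text parameter (the nvarchar case, where no type check can tell a legitimate value from one carrying SQL), and the parameterized form. It uses Python's built-in sqlite3 module with a small constructed table, so it runs offline; SQLite has no nvarchar type, so TEXT stands in for it, but the behaviour of the three query styles is the same as on SQL Server. All table names, column names and sample rows are assumptions made for the example.

```python
import re
import sqlite3


def make_db():
    """Constructed in-memory sample table (not from the original post)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "alice", "admin"), (2, "bob", "user"), (3, "carol", "user")],
    )
    conn.commit()
    return conn


def validate_int(value):
    """Accept only a canonical integer literal and return it as int.

    A full-match regex rejects "2 OR 1=1", "1.0", "0x1", " 1" and similar
    inputs that a looser int() conversion or a substring check might let
    through. Anything else is rejected, as the answer suggests.
    """
    s = str(value)
    if re.fullmatch(r"-?\d+", s) is None:
        raise ValueError(f"rejected: not an integer: {value!r}")
    return int(s)


def by_id_concat(conn, raw_id):
    """Concatenation guarded by the int check.

    The only text that can ever reach the SQL string is str(int), so for an
    integer column this style is not injectable; the check must run on every
    parameter, every time.
    """
    n = validate_int(raw_id)
    sql = "SELECT name FROM users WHERE id = " + str(n) + " ORDER BY id"
    return [row[0] for row in conn.execute(sql)]


def by_name_concat(conn, raw_name):
    """Concatenation of a text (nvarchar-like) parameter.

    Every string is a "valid" string, so a type check cannot help here: the
    quote in the value ends the literal and the rest is parsed as SQL.
    """
    sql = "SELECT name FROM users WHERE name = '" + raw_name + "' ORDER BY id"
    return [row[0] for row in conn.execute(sql)]


def by_name_param(conn, raw_name):
    """Parameterized form: the driver passes the value out of band, so the
    SQL text is fixed and the input is compared as data, never parsed."""
    sql = "SELECT name FROM users WHERE name = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (raw_name,))]


if __name__ == "__main__":
    db = make_db()
    payload = "x' OR '1'='1"
    print("int, valid:      ", by_id_concat(db, "2"))
    try:
        by_id_concat(db, "2 OR 1=1")
    except ValueError as e:
        print("int, rejected:   ", e)
    print("text, concat:    ", by_name_concat(db, payload))   # all rows leak
    print("text, parameter: ", by_name_param(db, payload))    # no match
```

Running it shows the asymmetry the answer points at: the guarded integer path either returns the one expected row or refuses the input outright, the concatenated text path returns every row for the classic `' OR '1'='1` payload, and the parameterized query returns nothing for the same payload because it is only ever compared against the `name` column as a literal string.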