Ask a Question related to ASP Database, Design and Development.
-
Qwip #1
SQL security
Is it enough to simply use the replace function to convert single quotes
into two single quotes while allowing users to insert data into a SQL
statement?
Like so-
"SELECT whatever FROM table WHERE whatever = '" & replace(request("input"),
"'", "''" )
Thanks
Qwip Guest
-
Change Flash Security Settings? Security ManagerOffline?
Hello I have downloaded firefox and flash player, I have content which when I run it, flash blocks it wisely and reports that the page is trying... -
Error: code:Channel.Security.Error string:'Security
Flex 2.0 beta 1 I created an mxml application with the following tag: <mx:WebService id="ws"... -
System.Security.SecurityException: Security error
Dear All, The problem or error which I am getting while running my web application is as given below: Security Exception Description: The... -
Security tool to check CGI scripts for security holes/vulnerabities
I'm searching for a good security tool that I can use regularly to scan all the programs/scripts in my web servers cgi-bin directory to identify... -
Asp.Net Security Analyser (new security tool by DDPlus)
Hello I'm happy to announce that we (DDPlus) have just released the first stable version of our new Open Source Project: the Asp.Net Security... -
Jeff Cochran #2 Re: SQL security
On Sun, 12 Oct 2003 02:05:50 -0700, "Qwip" <asdas@emailasdasd.com>
wrote:
Umm... No. :)>
>Is it enough to simply use the replace function to convert single quotes
>into two single quotes while allowing users to insert data into a SQL
>statement?
>
>Like so-
>
>"SELECT whatever FROM table WHERE whatever = '" & replace(request("input"),
>"'", "''" )
Take a look at the SQL Injection FAQ for starters:
[url]http://www.sqlsecurity.com/[/url]
Jeff
Jeff Cochran Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
