Good SQL Injection Protection

Can anyone find fault with this code? I wrote in in hopes of preventing users from "breaking" SQL queries and getting places they shouldn't by using SQL Injections.

Code: ....

View Replies


ADVERTISEMENT

SQL Injection Protection

I have allways validated user input to pieces prior to integrating it into a SQL statement, in order to avoid SQL Injection attacs. A colleague of mine told me that binding my vars would make them SQL scalar, but I have been left in the dark as to HOW... The web left me none the wiser, as well, so here goes: Anyone got a brief example of binding vars in ASP to get me started?

View Replies View Related

Function For SQL Injection Protection

Can anyone help me with an ASP function to perfom the following:

Series of page like this
item.asp?ItemId=2345
news.asp?NewsId=23456
Sale.asp?SaleId=344444

I need a function i can include in lots of pages that basically says

if query string is "ItemId" then only allow numerics of a maximum of 4

if query string is "NewsId" then only allow numerics of a maximum of 5

if query string is "SaleId" then only allow numerics of a maximum of 6

In all of the above query strings of 1,2,3 etc numerals must also work.

Any help appreciated as I'm in deep "poop" battling Chinese hackers.

View Replies View Related

Authentication Protection

I have a site that currently is password protected, using a combination of ldap authentication and asp session management.
So for every asp page, I check the session to make sure they're authenticated, if not I send them to the login page.
BUT.... there is a robohelp componenet that is almost a website within this website. All these robohelp files are htm or html based, so I'm unable to put asp scripting (to check for session authentication).
So, my problem is, how do i protect these pages using my existing framework?

View Replies View Related

Copy Protection

I have a locally hosted (via an executable) asp application. Does anyone know what would be the best (cheapest) way to add copy protection in it?

The application is an exe web server with the asp pages embedded in the executable.
No one can copy the asp pages, but they can copy the executable and distribute it that way. I don't want them to do that.

If there is some sort of wrapper or asp code I could add to it for licensing or registration, please let me know.

View Replies View Related

Password Protection

After trying out 3/4 password scripts which I've used before and won't work today.I've come to the end of my tether! I need a ready made script asap to password protect a set of webpages, something simple with login and p/w for one user.

View Replies View Related

Website Protection

I have a webpage. However I only want people to access it if they are members of a certain group. When I say group I mean Active Directory group. The log into windows with their Active Directory username and PW, and lets say they are members of 'employee1' group in Active Directory. I'm pretty sure I use ASP, to restrict access to a webpage depending on the users group. how I would go about doing this?

View Replies View Related

Form Protection

How do people protect input from forms submitted that are
dangerous such as scripts, etc..

View Replies View Related

ASP Password Protection

help me with asp password protection? I need to have a login and register script as well as complete password protection.

View Replies View Related

MS-word Pwd Protection Using Asp

I have a webpage where user upload ms-word doc.. for supervisor, they can d/w the doc and print... but the normal user can just see the doc..

how to make ms-word password protetion only to normal user but not to supervisors?

View Replies View Related

Public Folders And Protection

we have a folder with pictures of signed up users. we are trying to protect this folder from the public in two ways. hide the relative path

e.g. /welcome/images/544235432.gif

makes it easy for a user to easily download this file . put a password and access the folder through this passwords .

View Replies View Related

Instruction Of Password Protection

where can I get straightforward step-by-step instructions to password protect part of a site?

View Replies View Related

Form To Email SPAM Bot Protection

I've recently had my ASP site attacked by these stupid bots and have tried a captcha protection, but it doesn't help.

Here's the problem:
I have a form where people send an enquiry to a client from my database (over 5000). After hitting the submit button, an email is posted to the client, a copy is sent to us and the info is published to a database for record / stat keeping.

I have put the captcha protection in the form, but although the tests show that the captcha form works, the emails are still sent off, therefore allowing the bot attacks.

There must be a gap I can plug with the captcha before the email is posted off or info sent to the database.

I have a formchecker running which forces required fields, and that works fine. I'd like the captcha to work the same. Before the form goes to the confirmation page, it must validate the captcha.

What can I do?

View Replies View Related

Check Directory/file Protection

Using ASP in a VBScript environment, how can I check the protection on a directory, or a
particular file?

View Replies View Related

Good Books

Does anyone know of any good ASP books in PDf format?I am new to ASP and I would like to do some reading on the subject.

View Replies View Related

Good Book

Most of my ASP programming experience is on NT4.We recently upgraded (replaced) our NT4 webserver with Win2k3 Web Edition.I am looking for a good book that I can go through that will show me the new and different ways IIS6 does things. I found out that some things still work from my old web site, but they no longer work on the new site.

View Replies View Related

Is Dreamweaver Good?

I've been doing ASP by hand-coding in either Homesite or Interdev for years. I have been using Dreamwever for static sites that I make on the side. I recently was asked to make a form which will store info in an Access database, and thought it would be a good chance to learn how to use Dreamweaver MX's ASP capabilities.

Haven't tried it yet, but reading up on it, it seems that it forces you to use Session variables. I'm not a big fan of session variables, and want to avoid them. Anyone here use DW MX for ASP?

View Replies View Related

Is Global.asa Good?

This questions is a little one sided, I used to have the connection to the database on the site until I learned about the global.asa and since then all my sites have used it. I don't know the benefits of this file vs any other methods so I have to ask. But first let me explain.

I have a site, one of the many using the global.asa, it works 2 Microsoft access databases that run pretty much simultaneously on the site. Today, my host sends me an email telling me that they are open constantly and it's causing them problems on their shared server. So I modified the asa to close the database after every session and the host I had done so. They replied shortly after saying that a session could be open for 20 minutes before closing and they did not see this amend as helping the problem. So I'm looking for an alternate method.

The site itself is a collection database with over 1,200 user accounts, I have absolutely no idea how many of these user accounts are actually in use, but that is how many registered users there are in the database. Most of the regular users probably visit every day or two and I know that the admin (of about 8) visits daily to update the records unless there is nothing to add.

I've been given 7 days to solve this problem or they will close this particular site down. So in this case, is global.asa a good idea? If not, what method could I use to minimise the database being opened?

View Replies View Related

Good Book

I need to learn ASP. Can anyone recommend a good ASP book for me. Also is there a good ASP manual online such as PHP.net for PHP.

View Replies View Related

Password Protection - Folders/individual Files

I have been using two forms of password protection:

A) On working web sites I use an ASP script that is included in every page requiring protection: uses session - works fine

B) On quick test sites or temporary stuff I use the Windows Network Authentication provided by my web host. A whole folder is protected at once which is very convenient but it has a problem. If a user types the wrong password and is denied access, the next time they go to type the password, their browser sometimes remembers the wrong password as so they go straight to the 'access denied' 401 page.

How to proceed?

1) Does anyone know of a way of preventing all browsers from cacheing the login info.

2) Is there any way of using ASP to protect whole folders?

View Replies View Related

File Protection :: Secure Files On My Server

I need to be able to secure files on my web server. I am using asp to secure access to links and pages, for example:

<%If Session("manager")=FALSE Then%>
You are not authorized to view this page
<%Else%>
<<<Page Code>>>
<%End If%>

The place I'm running into problems is with files. I have a lot of charts and such in PDF version. I kind of doubt there is a way to secure these files with asp, but I thought it would be worth a try.

My biggest issue is that PDFs are stored in the browser's history, so once the page has been accessed, anyone using the browser can get to thatunsecured PDF. As a brute force fix, is there some way to simply erase the site from the browser history? If not, is there a way to secure the PDF, or does someone know of a better group to post on?

View Replies View Related

Good Starter Book

I am an intermediate ASP programmer looking to start learning .NET and am
looking for a good book to start learning from. Anyone have any
recommendations on a good book to get me started?

View Replies View Related

Good Hosting Company

Ive been making asp sites for about 2 years, but my first "real" site is going to be going live soon. Im currently seeking out a reliable hosting company based in england to host this website. Has anybody got any ideas of a good host? Ive been searching around for some time, but have not come across any that looks good enough. Im not after a dedicated server, shared hosting will do.

View Replies View Related

Any Good Tutorial On Charts?

I looking for a tutorial on charts/graphs which would take information from the DB table. I have a column about 31000 records and numbered field of 001-0022. I hav another field which contains texts.

What I'm looking for is to show graphically on a scale of 001-022 as in the first field how many time does the search criteria appear.

For example: I search a keyword "hello"

and the graph would show 001: 30 times, 002: 4 times...022: 1 time, but as a chart.

I think it would be nice to add a percentage calculation too.

View Replies View Related

Good Execution Time

I have written a few functions that are used on several pages throughout my site and am wondering what a good exection time might be (generally). The inital page a user is faced with after logging in pulls data from several different tables and displays 40 rows all together.

The execution time for this particular page is the slowest at approx. 950 ms to 1400 ms.
This seems awfully slow. This is probably because I am executing 10 different stored procedures instead of one (I thought it would be too big of a challenge to write a single select statement and parse through all the data). What sort of execution times are acceptable to most of you? What do you usually shoot for?

View Replies View Related

Good Script Sites

I'm looking for some script sites that do things like ecards, calenders, journals etc. Do you know which are the top 3 for ASP?

View Replies View Related

Is ASPMail Good For Mass Email?

I am trying to send out a mass email newsletter. I have 600+ subscribers in our SQL Server Database. Well, is ASPMail (Server Object's product) good for this? If so I have some concerns about the error handling and assuring people don't continue to recieve the same email. Does anyone have expierence with this? If so, what is your advice?

View Replies View Related

Anyone Known A Good Form Handling ASP Script!

Since my efforts to get my current script working are not working out. Does anyone know of a good ASP form handling script that can work with my HTML form.

View Replies View Related

Recommendations For A Good Free ASP Forum ??

From the research that I've done so far, it appears that most of the Free Forum software out there, is designed for a PHP environvent/back-end.

Well, I know nothing about PHP (and dont have the time or desire right now to learn it), but I do know a thing or two about ASP.

I was wondering if anyone could recommend a good FREE ASP based Forum software. ????

View Replies View Related

Good Shopping Cart Script?

Does anyone know of a good yet simple shopping cart written in ASP? It doesn't have to be free I am willing to pay up to $200. I am just looking for a simple front end and an admin area to add products easily.

View Replies View Related

Extract Data In Good Format

i get some data from a session variable.(the session variable gets this data from another page).I want to display the data in a formatted manner.

View Replies View Related

Good Web Based Event Calendar?

I'm looking for a good web-based calendar that I can host on my website. Some features I'm looking for are the ability to schedule birthdays, anniversaries, etc.

with email notification of when the event is nearing. Picture uploads are something else I'm looking for. Easy to read and easy to maintain is also a plus.

View Replies View Related

File Protection :: Protect Files Or A Folders From Unauthorised Access

is there any way to protect files or a folder from unauthorised access, i.e.when a variable is false?

e.g.

when variable li = 1 then grant access to folder and files within
when variable li <> 1 then deny access

i have a folder with images and word documents i only want people with the variable set to 1 to be able to access them.is there a way?

View Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved