Wrox Programmer Forums
|
ASP Pro Code Clinic As of Oct 5, 2005, this forum is now locked. No posts have been deleted. Please use "Classic ASP Professional" at: http://p2p.wrox.com/forum.asp?FORUM_ID=56 for discussions similar to the old ASP Pro Code Clinic or one of the other many remaining ASP and ASP.NET forums here.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP Pro Code Clinic section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old May 19th, 2004, 11:37 AM
Registered User
 
Join Date: May 2004
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Default blocking sql injectin for a text felid form

can this be done with Access?
thx

 
Old May 19th, 2004, 04:48 PM
Friend of Wrox
 
Join Date: Jun 2003
Posts: 1,998
Thanks: 0
Thanked 3 Times in 3 Posts
Default

Hello,

Are you talking about access forms or ASP connecting to access? You prevent SQL injection attacks by blocking certain character sets, such as comments or additional queries appended on (union select ... ).

Brian
 
Old May 19th, 2004, 04:49 PM
Friend of Wrox
 
Join Date: Jun 2003
Posts: 1,998
Thanks: 0
Thanked 3 Times in 3 Posts
Default

Oh ultimately, stored procedures is best to use, but obviously Access doesn't support this. Just in case you wanted to know.
 
Old May 19th, 2004, 05:09 PM
Registered User
 
Join Date: May 2004
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Default

html form theat uses asp to connect to access database...
thx

 
Old May 19th, 2004, 08:26 PM
Friend of Wrox
 
Join Date: Jun 2003
Posts: 1,998
Thanks: 0
Thanked 3 Times in 3 Posts
Default

Yeah, in your ASP code, you have to write some code to block SQL injection from happening.
 
Old May 23rd, 2004, 11:38 PM
Friend of Wrox
 
Join Date: Jan 2004
Posts: 1,870
Thanks: 12
Thanked 20 Times in 20 Posts
Send a message via AIM to mat41
Default

Intiruged, and that code would be?

SQL injections. Please correct me if I am wrong, if you are connecting with a user who has limited permisions - how much devistation can these cause?

There is so many variables (client side validation) and back end hurdles to get over (user level, table level permissions) etc - is it worth out tme worrying ababout it??

Wind is your friend
Matt





Similar Threads
Thread Thread Starter Forum Replies Last Post
Convert Text(Sql Server Text Field) to Image(JPG) srinivas72 ADO.NET 2 February 13th, 2009 06:31 PM
blocking of page in IE austinf Javascript 0 March 13th, 2007 08:23 AM
Blocking in Sql Server whiterainbow SQL Server ASP 2 March 23rd, 2005 08:15 AM
firewall blocking cookies olambe BOOK: ASP.NET Website Programming Problem-Design-Solution 1 June 9th, 2004 08:40 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.