« Gateway Creative Sound Blast XFi Sound Card – Guaranteed Availability!
Asustek A8JR/A8SR for XP / Vista notebook drives download »

sql injection of GM-download the latest version 3.2 beta

This process of updating, asp developers is a big happy event; past there have been a friend that his asp site Trojans, and also from time to time and space to find such disputes and friction, and are used by or written asp site is not strict code of the filter (usually very little space to the safety of this vulgar error committed), but using this kind of anti-sql-injection procedures, before loading the filter, everything is worry-free!

Function has not changed, just patch installation may arise when a bug:

Option Explicit options open system does not use the normal bug, and optimize the definition of variables, with the user’s system to prevent duplication of variables.

Installed to provide some suggestions:
1. Is to call the main document, called the best use of absolute path, the path to prevent problems caused some unnecessary troubles. Such as:

<!–# include virtual = “/ Neeao.com / Neeao_SqlIn.Asp” ->

2. Installation of the time, preferably in the document called the head, some procedures may sometimes call in the document database connection, is not in the head, such as:

<%
search = Request.QueryString ( “search”)
%>
<!–# include file = “inc / conn.asp” ->

Data query, the search variables into the sql statement.
Under such circumstances, although conn.asp document called the anti-injection system, but the same is of no use, because sql-injection system in the variable get access to search through the parameters after the call, which will not be able to prevent the injection.
Solution: Each document calls conn.asp wrote at the top of the code, for example, the above:

<!–# include file = “inc / conn.asp” ->
<%
search = Request.QueryString ( “search”)
%>

Written like this, we can prevent the search variables were injected.

Original:http://www.linwan.net.cn/archives/2960.html

Related posts:

  1. Download: Ibeat will be special X-Fi Prelude 7.1 sound card driver latest version of RC6 Auzentech X-Fi Prelude 7.1 is the world’s first use of...
  2. There is no volume control taskbar icon Method One: 1. The Windows XP CD-ROM inserted into your...
  3. Match AudioFire8/AudioFire12 driver download 1.2009.15 Beta version. Echo AudioFire8/AudioFire12 FireWire Audio Interface Driver version 1.09.15 Beta For...
  4. AD1888 sound card drivers installed in Vista system Analog Devices AD1888 called AD1888, is integrated in the voice...
  5. 82801BA/BAMAC’97Audio sound drivers to download Multi-media computers, but not silent, a mute, it is pretty...

This entry was posted on Saturday, August 9th, 2008 at 3:48 am and is filed under Personal space. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site. |1,353 views

One Response to “sql injection of GM-download the latest version 3.2 beta”

  1. How-to Says:
    May 6th, 2011 at 12:09 pm

    I just wanna thank you for sharing your information and your site. I’ve learned something today. Thanks!

Leave a Reply