Security :: Protect SQL Database Against A SQL Injection?
Jan 19, 2010Incorrect syntax near 'are'. Unclosed quotation mark after the character string ')'.
how to protect my SQL database by using Csharp.net against a SQL injection.
Incorrect syntax near 'are'. Unclosed quotation mark after the character string ')'.
how to protect my SQL database by using Csharp.net against a SQL injection.
Can asp.net Dropdownlist and validating they safely protect against SQL injection attack ??
View 7 RepliesHow to protect from sql injection where if a ' is put in the end of the URL there is an error ?
View 12 RepliesI want to know how my data could be compromised using a statemnt like SELECT [ID], [item], [price] FROM [Items] where item LIKE '%' + mitem + '%'" what line of could be considered an attack to the data.
View 16 Repliesi almost finished my website
but i am afraid of sql injection to my website
how i can protect my self against this injection ...?
I'm working on a website that streams audio files for the user from a directory on the server machine. How do I protect the audio files from users being able to navigate to the folder and just downloading them locally, but still provide them access to stream them? If I set permissions on the folder via IIS, is there a level that I can set so that the server can stream but not allow anonymous access?I'm sure there is a tutorial or other thread about this out there, it's just hard to search for this specific issue. Any help or a simple link to another thread/tutorial
View 3 RepliesUser downloads a document from a specified site, saves to the local disk and fills in confidential details. When other users logs on to this computer and if they try to access the file, the document should not be accessible. Also consider that the document can be saved to a common server too, in which case, no one else other than the person who downloaded and filled the document should be able to open the document.
some options to protect this document.
I have contact form and offten using this form my web site is under attck... someone install some code who try to connect using java scriptand all java scripts that I'm using in my web site are infected...
How to protect my contact form?
I have built an ASP.NET application that needs to be password protected. This application will be installed on multiple offline computers, and we need to make sure that when being installed it requires a password. But even if it requires a password, someone can easily copy the database and the published folder and duplicate the application on their system right?
I need a way to prevent this. It should only work on laptops that we have installed it on.
I have written a namespace for a guestbook for my personal website. When I use a quote(") or single quote(') in a guestbook message the system(server) gives me a warning there is an error in my SQL syntax.
Incorrect syntax near 'are'. Unclosed quotation mark after the character string ')'.
I have tried to implement the answer of an older topic written by me in the namespace. But it gives me errors. [URL]
how to protect this namespace against SQL injections?
[Code]....
i have a problem in my asp application . Im trying to protect the path for my application using this code :
Uri t = Request.UrlReferrer;
May i know how to protect the bin folder dll's compiled from the Visual Studio 2005. I am doing the project in Asp.net & c#. One of My friend decompiled all the dll's and show me. Is there any procedure to make my code standard or any free third party tools to prevent from others.
View 4 RepliesHow can i restrict sql injection in my code. How can i test that one whether SQL injections are applicable or not
View 4 RepliesI have this file saved in the server. I do not want anyone to download with out authentication. How do I do that?
View 3 Repliesi have a search box, many text boxes which taken various inputs and save it to database using primitive methods such as "insert into....." executenonquerry etc.have read something that " a textbox by itself can prevernt attacks known as sql injections" is that true?if sohow to enable it?does it need extra coding?
View 1 RepliesCode:
Sub btnLogin_OnClick(Src As Object, E As EventArgs)
Dim myConnection As OleDbConnection
Dim myCommand As OleDbCommand
[code]....
I found this code for user authentication. How secure is this? Can this be bypassed? Can I protect a MySQL database with a password? Can people see a MySQL database's data if it's not protected?
I have a website that is going on a public server so I want to password protect it, but for a while only myself and a couple of others will be using it. I will eventually get it together to do it right and have the users in a database etc, but for now, I just want to put a couple of users with their passwords in the web.config and have them authenticate on a login page.
View 2 RepliesHow to protect our web.config file from external access.
I mean some sort of password protection.
I am interested in finding out how I would go about displaying a website wiithout forms authentication but to utilise forms authentication when the user makes a request by clicking in the signin button, and then the user will view other pages that are private and secure,
View 2 RepliesI have a requirement to make parts of forms (and sometimes the entire form) read-only based on the user's active-directory group. I already have integrated AD into the dynamic menu, so that users cannot view certain menu itmes based on their AD group - and this is working fine; however, now they want to get down to the control-level on the forms. The first way that comes to mind is for me to just grab the AD groups for the users and then loop through them, and write my own code to make controls read-only or enabled. Is this a good way to do it, or is there another way? Also, while we're on the topic, is there an easy way to protect an entire form, or maybe an entire panel?
View 1 RepliesMy Boss have given me assignment to find how a web based application developed in dotnet can be protected. As per agreement products developed in our company are assat of company and even not developers can gave the code. but still he wants to know how he can protect products in case a developer theft code and try to launch it from his home ?
View 4 RepliesI have a site in development with several web services (ASMX) that post important data to my database. When I navigate to the ASMX file in my browser, I can fill in the form with the parameters and post to the DB. If someone finds the URL to my WS, they can severely alter my database. I want to prevent people from being able to post to my WS publicly. So far, I've thought of two things that may but I'd like to know if there are any other ways:
Check to see if the HTTP Referrer to the WS method is the domain the WS is on Add an additional parameter called Key to all important WS methods and have this be an encrypted "password." Then encrypt my stored password on the WS side and compare if the keys match.
I have an application that has a user Login Control (provided by ASP). I am just now working with the integration of a dataBase created in MS visual studio 2010, to a developed website created in MS visual web developer 2010. My main goal is to create an authentication ticket that enables a user to be able to see a dataBase information only after that user has been successfully authenticated.
Up to now I'm able to see the dataBase when i run the website even if I'm not log-in, how i can create a home page that tells the user to log-in and once that user has successfully log-in it redirects the user to another page where the user can see the database and how I can add information to that dataBase only to specific members
I was just wondering if anyone has ever had to port the schema across? Are there any experts that could pitch their opinions on the achievability of this (mad) idea? I'm using the IBM Migration Toolkit and as expected its throwing a bunch of translation errors some of which were relatively easy to solve (vendor specific function calls for example) and some will take quite a while to pin down and work round.... however this is not my main concern.
If completed I expect I am going to have to basically rework all the System.Web.Profile/Roles/Membership namespace classes etc to work round the SQL limitations of informix (i.e. IDS11.x SQL server doesnt have a DEFAULT (newguid()) so that would have to be put into the calling method) (and any MVP comments really as I can slap my boss round with the weight after he ludicrously agreed to this project for a client without doing any research...)
web pages running on the localhost, if i copy the web page link (address link), then copy to the another tab or browser, it should not open, it should display a Login Page.
For example, web pages are
Login.aspx
Account.aspx
Once Login, account page will open, then copy the address link, then try to open in another tab or browser. It is directly account page is display.
Account page directly should not open without login page.
How to protect the web pages.