Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Do you know what is this string for 1

Status
Not open for further replies.
greathope123

greathope123

Programmer
Nov 1, 2011
84
GB
Hi,

I have found somebody tried to do something on my ASP web site by inserting
Result: chosen nickname "abcd"; sent;
in the web address. (where "abcd" may vary, perhaps is a username)
I have found a lot similar strings in Google.
Do you know what is that and how to avoid possible harm on my site?
 
Sort by date Sort by votes
Sql injection, dictionary attacks etc. etc.

Avoiding harm?

Always, always, ALWAYS "sanitise" any user input before presenting it in a database query.

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum
 
Upvote 0 Downvote
Thank you.
Sometimes he inserts that string in a querystring.
What should I do to sanitise any user input?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

penguinspeaks
  • Locked
  • Question
Parse a database field that is comma delimited and input the results into another table
Replies
0
Views
191
penguinspeaks
penguinspeaks
leifoet
  • Locked
  • Question
How to check if a datatable is empty ?
Replies
0
Views
211
leifoet
leifoet
JScannell
  • Locked
  • Question
Border issue with Google Chrome on an Android phone
Replies
0
Views
201
JScannell
JScannell
DiDYRO_
  • Locked
  • Question
How do I make a VBS file that can collect dialog-type answers in a local .log file?
Replies
0
Views
183
DiDYRO_
DiDYRO_
how2trainyourdragon
  • Locked
  • Question
Request.Server variables blank for classic ASP
Replies
12
Views
547
GriffMG
GriffMG

Part and Inventory Search

Sponsor

Back
Top