Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Do you know what is this string for 1

Status
Not open for further replies.

greathope123

Programmer
Nov 1, 2011
84
GB
Hi,

I have found somebody tried to do something on my ASP web site by inserting
Result: chosen nickname "abcd"; sent;
in the web address. (where "abcd" may vary, perhaps is a username)
I have found a lot similar strings in Google.
Do you know what is that and how to avoid possible harm on my site?
 
Sql injection, dictionary attacks etc. etc.

Avoiding harm?

Always, always, ALWAYS "sanitise" any user input before presenting it in a database query.

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum
 
Thank you.
Sometimes he inserts that string in a querystring.
What should I do to sanitise any user input?
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top