Re: Preventing ALL text SQL Injection by removing single-quotes ?

From: Brad M. (anonymous_at_discussions.microsoft.com)
Date: 08/30/05


Date: Mon, 29 Aug 2005 17:03:05 -0600

Seriously, you need to stop replying to messages this way. Personally, I'm
not going to go into debate with you as to whether or not your question was
answered. You don't have the right to tell anyone that they can convey
their opinions or experience onto you *AFTER AND ONLY AFTER* (doesn't *THIS*
get annoying???) they specifically answered the question that you asked.
Experts (and they are called that for a reason) are here to pass on their
knowledge and experience that they have gained in the real world to people
that haven't yet gained the same.

And, just to cover my bases...if you really are a well-intentioned,
unfortunately-placed (and albeit, poorly-mannered) programmer and just
happen to be working with a bunch of retards (no offense to anyone you work
with, just an example) who aren't letting you do your job properly - quit
now. Because WHEN this thing sh*ts the bed (and I say when because it's a
matter of time), they're gonna come a-lookin' for you, and then you're gonna
come lookin' for us for help - small world isn't it? In short, be polite.
Life is like a jar of jalapenos - what you do today, might burn your ass
tomorrow...

Cheers
Brad

"Susan S via SQLMonster.com" <forum@SQLMonster.com> wrote in message
news:5178FC9FE1E8E@SQLMonster.com...
>
>>depends on the language and environment.
>
> It's server-side vbscript/asp code... reading a MS-SQL 2000 database.
>
>>You need to start thinking in terms of Layers of defence.
>
> We can't possibly change all the existing layers of security... and lack of
> security... that we've had in place for the past 5 years.
>
>> What happens if you FORGET a Replace?
>
> Same thing that happens whenever you don't make something work properly... it
> doesn't work.
> (Nor would I expect it to.)
>
> Honest... we *ONLY* need one question answered today.
>
> *AFTER* you answer that... then you are free to wander off on 40 other
> topics.
>
> (But I have no need for that info... we *ALREADY* have that info.)
>
>
> --
> Message posted via http://www.sqlmonster.com


