BellaOnline's ASP Editor


Checking Input Fields for Security

Guest Author - Lisa Shea

Any time you use an HTML input field or form to work with a database, it is critical that you run security checks on that data. Otherwise you could be open to attack by hackers.

Say you take in a field you call UserName.

If you do ANY SQL operation with this field, someone could easily put a ; into that username and in essence tell the first part of the SQL statement to end, and then insert any SQL command they wished into the second half. Your database could be deleted, shut down, or worse.

Here are some safety precautions you should take with every text input field. Non-text input fields should of course be verified to contain only data of the proper type.

UserName = Replace(UserName, ";", "")
UserName = Replace(UserName, "-", "")
UserName = Replace(UserName, "'", "")
UserName = Replace(UserName, "/", "")
UserName = Replace(UserName, "\", "")
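
Stripping characters changes legitimate names (O'Brien becomes OBrien) and depends on the list being complete, so a practitioner would pair it with a parameterized ADO query, which sends UserName to the database as data rather than as part of the SQL text. The page below is an added example, not code from the original article; the Users table, its columns, the FindUser helper and the Application("ConnString") connection string are assumptions.

```vbscript
<%
Option Explicit

' ADO constants (values as defined in adovbs.inc)
Const adCmdText = 1
Const adVarChar = 200
Const adParamInput = 1
Const MAX_NAME_LEN = 50   ' assumed width of the hypothetical Users.UserName column

' Hypothetical helper: look up a user with a bound parameter.
' The ? placeholder is filled by ADO, so quotes, semicolons and dashes
' in userName are compared as plain characters, never parsed as SQL.
Function FindUser(conn, userName)
    Dim cmd
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = adCmdText
    cmd.CommandText = "SELECT UserID, UserName FROM Users WHERE UserName = ?"
    cmd.Parameters.Append cmd.CreateParameter("@UserName", adVarChar, _
        adParamInput, MAX_NAME_LEN, userName)
    Set FindUser = cmd.Execute
End Function

Dim conn, rs, UserName
UserName = Trim(Request.Form("UserName"))

' Validate length before binding: reject empty or oversized input.
If Len(UserName) = 0 Or Len(UserName) > MAX_NAME_LEN Then
    Response.Write "Invalid user name."
Else
    Set conn = Server.CreateObject("ADODB.Connection")
    conn.Open Application("ConnString")   ' assumption: set in global.asa
    Set rs = FindUser(conn, UserName)
    If rs.EOF Then
        Response.Write "No such user."
    Else
        ' Encode on output so the stored name cannot inject HTML.
        Response.Write "Found: " & Server.HTMLEncode(rs("UserName").Value)
    End If
    rs.Close
    conn.Close
    Set rs = Nothing
    Set conn = Nothing
End If
%>
```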


Content copyright © 2013 by Lisa Shea. All rights reserved.
This content was written by Lisa Shea. If you wish to use this content in any manner, you need written permission. Contact BellaOnline Administration for details.

Website copyright © 2013 Minerva WebWorks LLC. All rights reserved.

