~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From: "Jon Barnhardt" <[EMAIL PROTECTED]> Subject: RE: SQL query
Thank you all for your help. This is used on a company intranet and all data passing through is selected form dropdowns so the possibility of SQL injection is at a minimum. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ You need to read the 10 Immutable Laws of Security Administration (rule 1 in particalar): http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/s ecurity/essays/10imlaws.asp Drop-down "select" lists do not protect you 1 iota. I save your page to my hard disk. I change the "select" lists to text boxes. I change the "action=" to be the fully qualified address of the server. I submit the page... That's the easy way to send whatever data I like to your server. Cheers Ken --- You are currently subscribed to activeserverpages as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED]
