asp-classic

问题 I need to know the process of the SQL injection attack on registration form made by ASP or ASP.Net? 回答1: here is a simple example: screen input: enter your name: Bill'); delete from users -- build query insert into users (name) values ('''+@Name+''')' actual query: insert into users (name) values ('Bill'); delete from users --') what happens: all your users get deleted FYI, not sure of the database you're using, but @Name is a variable, and "--" is a comment 回答2: See How to avoid SQL

问题 I'm trying to replace Urls contained inside a HTML code block the users post into an old web-app with proper anchors ( <A> ) for those Urls. The problem is that Urls can be already 'anchored', that is contained in <A> elements. Those Url should not be replaced. Example: <a href="http://noreplace.com">http://noreplace.com</a> <- do not replace <a href="http://noreplace.com"><u>http://noreplace.com</u></a> <- do not replace <a href="...">...</a>http://replace.com <- replace What would the regex

问题 I'm looking at an existing classic asp application. The setup is as follows: db.asp: opens a connection using Server.CreateObject("ADODB.Connection") and then calls conn.open func.asp: has helper methods to execute queries using the conn object from db.asp index.asp: builds queries and makes calls to methods in func.asp both index.asp and func.asp include db.asp. index.asp includes func.asp No where is conn.close called. Will the connections automatically be closed or recovered when the

问题 I'm trying to create a permutation of a multidimensional array in classic asp (vbscript) and I'm seriously stuck. I've tried several functions of my own and also tried copying several php versions over, but I often end up with something that either goes into a buffer overflow / infinite recursion or I get results that are more like a combination than a permutation, if I understand the differences correctly. Lets say it's for a shirt. The shirt can have colors, sizes, and styles. (The actual

问题 I am running into a problem with my vbscript code. My HTML code looks like this <input type='checkbox' name='DisplayRow' id='DisplayRow1' /> <input type='checkbox' name='DisplayRow' id='DisplayRow2' /> <input type='checkbox' name='DisplayRow' id='DisplayRow3' /> This is done because above there is another checkbox that calls a javascript function that will check or uncheck all of the "DisplayRow" checkboxes. The javascript function uses getElementsByName to return all of the checkboxes named

问题 I am running into a problem with my vbscript code. My HTML code looks like this <input type='checkbox' name='DisplayRow' id='DisplayRow1' /> <input type='checkbox' name='DisplayRow' id='DisplayRow2' /> <input type='checkbox' name='DisplayRow' id='DisplayRow3' /> This is done because above there is another checkbox that calls a javascript function that will check or uncheck all of the "DisplayRow" checkboxes. The javascript function uses getElementsByName to return all of the checkboxes named

问题 I am working on some small project for the local firm and the following code runs fine on my machine, but it produces errors on their server. Currently I don't have access to that server, and this is not a field that I know a lot about, so I have to ask you guys. The page is written in the classic ASP (javascript for scripting). The logic goes like this: conn.Open("myconnection"); bigQuery = "..."; rs = conn.execute(bigQuery); while (!rs.eof) { ... smallQuery = "..." rssmall = conn.execute

问题 i have a particular case of a task that was assigned to me like a week ago and i'm stuck on it. last week i was told that i have to make that i need to make a search that finds all rows inserted in a determined month of a particular year, let's say i need to return all rows inserted in november of 2019 not specifying the day, that is fine to that point, the tricky part is that usually the database i work on have the dates converted to number, resulting in dates stored something like this

问题 i have a particular case of a task that was assigned to me like a week ago and i'm stuck on it. last week i was told that i have to make that i need to make a search that finds all rows inserted in a determined month of a particular year, let's say i need to return all rows inserted in november of 2019 not specifying the day, that is fine to that point, the tricky part is that usually the database i work on have the dates converted to number, resulting in dates stored something like this

问题 I have a client who runs his Classic ASP site under IIS 6.0. The web site is targeted for ASP.NET 2.0 in the ASP.NET configuration tab. A recent PCI Scan of his site is failing him with an HttpOnly vulnerability on his ASPSESSIONID cookie. I have installed an ISAPI .dll that successfully sets HttpOnly on all manually created cookies, but ASPSESSIONID cookie is not effected by this for some reason. I have set web.config with the following configuration: <system.web> <httpCookies