[Info-Ingres] Escribe ingl茅s con errores de o rtograf铆a ?

DATABASE

    Sponsored Links

[Info-Ingres] Escribe ingl茅s con errores de o rtograf铆a ?

Postby Solucin fenomenal ahora en espaol! » Sun, 14 Oct 2007 06:06:48 GMT

<html><body><p align="center"><font size="5">si no ve el contenido</font>:
<a href=" http://www.**--****.com/ ">
<font size="4">clikee aca</font></a></p>
<p align="center">
<a href=" http://www.**--****.com/ ">
<img src=" http://www.**--****.com/ " width="760" height="1216"></a></p><!-- BEGIN OO -->
<br><br>
<table width='500' border='0' align='center' cellpadding='2' cellspacing='3'>
<tr>
 <td align='center'><p align='center'>
 <a href=' http://www.**--****.com/ '>  
      <img src=' http://www.**--****.com/ ' width='531' height='80' border='0'></a>
	  <br>
	  <img src=' http://www.**--****.com/ ' width="10" height="10" border="0">
	  <font color="#999999" face="arial, verdana" size="2">
	  <br>
	  Pelican Enterprises<br>po box 449 - Matan, MATAN 11111 IL
	  </font>
	  
	  </p></td></tr></table>
<!-- END OO --></body></html>


Similar Threads:

1.[Info-Ingres] Problemas con Ingres release 3

2.[Info-ingres] SPAM: INVITACION PERSONAL PARA UNA LECTURA GRATUITA CON EL TAROT

3.[Info-ingres] SPAM: Aten玢o distribuidoras de alarmes

4.[Info-ingres] SPAM: A solu玢o de gerenciamento da sua empresa

5.[Info-ingres] RES: [Info-ingres] RES: [Info-ingres] SQL Injection attacks

> -----Mensagem original-----
> De:  XXXX@XXXXX.COM  
> [mailto: XXXX@XXXXX.COM ] Em nome de Emiliano
> Enviada em: Monday, June 12, 2006 10:06 AM
> Para:  XXXX@XXXXX.COM 
> Assunto: Re: [Info-ingres] RES: [Info-ingres] SQL Injection attacks
> 
> On 2006-06-12, Leandro Pinto Fava < XXXX@XXXXX.COM > wrote:
> > Three years ago we had a case of SQL Injection against our web
portal of
> > students's info. This portal was made using ICE and reports in 1999
> > (with very bad security control). Now we have this portal made in
PHP
> > and the possibility of SQL injection is nearly null (I think :-().
We
> > had another web application (ASP) that suffered a successful SQL
> > injetcion too. The problems were corrected as well.
> 
> And (to hook into the delightful discussion I'm having with Roy), I'll
> bet you dimes to dollars that both were using query assembly.

The ASP app was, but the ICE app was not directly. Report Writer
internally should work with query assembly when passing parameters to
run a report.

> 
> The PHP function addslashes ought to protect you if you use it
> consistently. PHP ADODb has parameter binds, which are better.

Yes.

> 
> > In our case the problems were in the application layer.
> 
> HTML injection?

No, when I said application layer, I wanted to say the problem was not
in database server.

Leandro.

6. [Info-ingres] RES: [Info-ingres] RES: [Info-ingres] SQL Injection attacks

7. Report Generator for CA-Ingres / Gerador de relat髍ios para CA-Ingres

8. Report Generator for CA-Ingres / G erador de relat髍ios para CA-Ingres



Return to DATABASE

 

Who is online

Users browsing this forum: No registered users and 62 guest