SELECT Statement, INSERT Statement, UPDATE Statement, DELETE Statement, in ASP using Parameters, in the combat against SQL & XSS Injection
Coding Article #: 39 - Published On: July 27, 2012 @ 13:01:42 PM - Last Updated on: January 11, 2016
(Updated 6-8-2010)
SQL injection is code submitted through your input forms in the hope of manipulating your database structure, allowing the intruder (or hacker) to gain access to your records and render your site useless.
XSS injection is JavaScript-based code that does the same thing as above. However, an XSS-based attack, if done right, allows the attacker to plant malicious code on your site that will affect your visitors and potentially make your site dangerous to all visitors.
The cool part about this script is that it shows you how to use ASP Classic along with parameterized queries to do all your database work.
You will learn the following how-tos.
(This method can be used with any database, not just the sample Access database; you will be able to use this procedure across nearly all data structures.)
Insert data into your database.
Update the data records that are in your database.
Delete the records from your database.
Select the records to display them to your visitors.
The entire script is completely marked up, so you will know everything that is happening within the code.
The zip file contains the following files.
ADOVBS.inc ' This is the code that is used for the Parameters.
cons.asp ' This is your database connection, and the SQL and XSS injection scripts that protect your code.
Q_24801116.asp ' This is the main page.
Q_24801116.mdb ' This is your sample Access database.
setRecords.asp ' This is the code-behind that does all the "Insert, Update, Delete" statements.
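The pattern the article describes, as an added example (it is not the code from the zip file): a parameterized INSERT and SELECT through ADODB.Command using the ADOVBS.inc constants, with HTML encoding on output. The table Members, the columns MemberID and MemberName, the form fields "name" and "id", and the Jet connection string are assumptions made for illustration.

```asp
<%@ Language="VBScript" %>
<% Option Explicit %>
<!--#include file="ADOVBS.inc"-->
<%
' Added example, not the code from the article's zip file.
' Assumed names: table Members, columns MemberID / MemberName, fields "name" and "id".
Dim conn, cmd, rs, re, memberName, memberId

' Assumed connection string; in the article's download the connection lives in cons.asp.
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("Q_24801116.mdb")

' --- INSERT: the value travels as a typed parameter, never as SQL text ---
memberName = Trim(Request.Form("name") & "")
If Len(memberName) > 0 And Len(memberName) <= 50 Then
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = adCmdText
    cmd.CommandText = "INSERT INTO Members (MemberName) VALUES (?)"
    cmd.Parameters.Append cmd.CreateParameter("@name", adVarWChar, adParamInput, 50, memberName)
    cmd.Execute , , adExecuteNoRecords
    Set cmd = Nothing
End If

' --- SELECT: accept only a short run of digits before converting to a Long ---
Set re = New RegExp
re.Pattern = "^\d{1,9}$"
memberId = Request.QueryString("id") & ""
If re.Test(memberId) Then
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = adCmdText
    cmd.CommandText = "SELECT MemberName FROM Members WHERE MemberID = ?"
    cmd.Parameters.Append cmd.CreateParameter("@id", adInteger, adParamInput, , CLng(memberId))
    Set rs = cmd.Execute
    Do Until rs.EOF
        ' HTML-encode on output so stored markup is shown as text, not run as script
        Response.Write Server.HTMLEncode(rs("MemberName") & "") & "<br>"
        rs.MoveNext
    Loop
    rs.Close
    Set rs = Nothing
    Set cmd = Nothing
End If

conn.Close
Set conn = Nothing
%>
```

The length check before the INSERT matters because ADO raises an error when a value is longer than the declared parameter size.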
Good Luck!