[Top] [All Lists]

Re: Image Verification on insert record

Subject: Re: Image Verification on insert record
From: "jsteinmann"
Date: Thu, 25 Oct 2007 18:31:21 +0000 UTC
Newsgroups: macromedia.dreamweaver.appdev

 Here's another suggestion to remove unwanted hacks, attacks, etc. with an ASP 
Insert Record.

 DIm the text fields, and compare them against unwanted characters to 
automatically reroute this losers away from your website.  For exmaple:

 Dim email

 If IllegalChars(email)=True Then
 Response.redirect("go_away_you_spam_ _loser.asp")
 End If

 Function IllegalChars(sInput)
 Dim sBadChars, iCounter
 'Create an array of illegal characters and words like these
 sBadChars=array("select", "drop", ";", "--", "insert", "delete", "xp_", _
 "#", "%", "&", "'", "(", ")", "/", "\", ":", ";", "<", ">", "=", "[", "]", 
"?", "`", "|")
 For iCounter = 0 to uBound(sBadChars)
 If Instr(sInput,sBadChars(iCounter))>0 Then
 End If
 End function

 With this placed above your code, it will filter your insert before it gets to 
your database.  IN this example, I showed some common hack characters that you 
want to avoid, but you can add anything to that.

 Also, you can always do a YY_checkform or similar javascript based filter that 
makes email be in the correct email format, etc....

 Hope that helps.

<Prev in Thread] Current Thread [Next in Thread>