Casting Values to Defend Against SQL Injection

"When using numeric fields in a database-driven application, make sure you actually cast those variables to an appropriate numeric type before using them. Doing so will prevent SQL insertion attacks by throwing an exception if a user places something nonnumeric into that field. With a little more work, the error handler could be configured to fire off an alert, or write to a log file, almost like a mini application-level intrusion detection system."
Author: Lamont Adams
URL: http://builder.com.com/5100-6387-1044869.html
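The script below is an added illustration of the tip quoted above, written in Python against an in-memory sqlite3 database; it is not code from Adams's article. The `users` table, its rows, the field names and the `ALERTS` list standing in for the log file or alert hook are all constructed for the demo. It places the unvalidated "before" query beside the cast-first version, and adds one further step the quote does not cover: binding the cast value as a query parameter, which is the approach to use for fields that are not numeric and so cannot be protected by a cast.

```python
"""Cast numeric request fields before they touch SQL; alert when the cast fails."""
import logging
import sqlite3

log = logging.getLogger("numeric-field-guard")

# Constructed in-memory alert sink standing in for the "mini application-level
# intrusion detection" log or alert hook described in the quote.
ALERTS = []


def build_db():
    """Constructed sample table for the demo."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, is_admin INTEGER);
        INSERT INTO users VALUES (1, 'alice', 0);
        INSERT INTO users VALUES (2, 'bob', 1);
        """
    )
    return conn


def lookup_vulnerable(conn, user_id):
    """The 'before' case: a numeric field filled in by string concatenation.

    Nothing checks that user_id is numeric, so a tail such as "1 OR 1=1"
    is spliced into the statement verbatim and widens the WHERE clause.
    """
    sql = "SELECT name FROM users WHERE id = " + str(user_id)
    return conn.execute(sql).fetchall()


def cast_numeric(raw, field):
    """Cast a request value to int; on failure, record an alert and re-raise.

    int() tolerates surrounding whitespace and digit-grouping underscores,
    but anything it accepts comes back as a plain int, so the value that
    reaches the query can only ever be a number.
    """
    try:
        return int(raw)
    except (TypeError, ValueError):
        ALERTS.append({"field": field, "value": raw})
        log.warning("non-numeric value rejected for field %s: %r", field, raw)
        raise ValueError(f"{field} must be an integer")


def lookup_cast(conn, user_id):
    """The quote's fix: cast first, so the concatenated value is a real int."""
    uid = cast_numeric(user_id, "id")
    sql = "SELECT name FROM users WHERE id = " + str(uid)
    return conn.execute(sql).fetchall()


def lookup_cast_and_bind(conn, user_id):
    """Cast for validation plus a bound parameter.

    The cast still produces the alert on malformed input; binding keeps the
    value out of the statement text entirely, which is what protects fields
    that are not numeric and so cannot be guarded by a cast.
    """
    uid = cast_numeric(user_id, "id")
    return conn.execute("SELECT name FROM users WHERE id = ?", (uid,)).fetchall()


if __name__ == "__main__":
    db = build_db()
    payload = "1 OR 1=1"
    print("vulnerable:", lookup_vulnerable(db, payload))  # both rows leak
    try:
        lookup_cast(db, payload)
    except ValueError as exc:
        print("cast rejected:", exc, "| alerts:", ALERTS)
    print("bound:", lookup_cast_and_bind(db, " 2 "))  # [('bob',)]
```

Run it as a script to see the three behaviours side by side: the vulnerable lookup returns every user for the `1 OR 1=1` payload, the cast version raises and leaves an entry in `ALERTS`, and the bound version returns only the requested row. In a real application the `ALERTS.append` line is where the log write or alert described in the quote would go.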
