473,503 Members | 1,735 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

someone update my database

AA
hello to aal,

how its mossible to someone update may database, for now we have a database
and time to time, someone update a record, changing the information.

what can i do to avoid this?

thanks on advance
AMA
Feb 27 '06 #1
1 1433
AA wrote:
hello to aal,

how its mossible to someone update may database, for now we have a
database and time to time, someone update a record, changing the
information.

what can i do to avoid this?

Given the lack of information (database type and version? internet vs
intranet? etc.) all we can do is guess. Here is my guess, based on my
assumption that you are using an Access database:

1. Your use of dynamic sql has left your database exposed to attacks by
hackers using the sql injection technique
(http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23
http://www.nextgenss.com/papers/adva..._injection.pdf)
You can eliminate this threat by using parameters instead of dynamic sql

http://groups.google.com/groups?hl=e...tngp13.phx.gbl

http://groups.google.com/groups?hl=e...TNGP11.phx.gbl

http://www.google.com/groups?selm=eE...&output=gplain

http://www.google.com/groups?hl=en&l...TNGP12.phx.gbl

Using Command object to pass values to parameter markers in a sql string:
http://groups-beta.google.com/group/...e36562fee7804e

Bob Barrows

--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Feb 27 '06 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
2
10542
PHP/MySQL "UPDATE" question
by: Mark | last post by:
A beginner in this area, I have been able to read a record from a MySQL database and populate an HTML form (wow!). Now, my goal is to allow the user to edit the contents of the form and then...
PHP
3
2015
Can someone please create some MySQL to create the first table: the players table.
by: Michael Lauzon | last post by:
This is not for a class, I have a group on SourceForge, this is what one of the Developers is asking; the more advanced you can make it right off all the better!: Can someone please create...
MySQL Database
2
5243
Concurrency Violation in DataSet Update ADO.NET
by: Niyazi | last post by:
Hi, I have not understand the problem. Before all the coding with few application everything worked perfectly. Now I am developing Cheque Writing application and when the cheque is clear the...
.NET Framework
5
3309
Federated Insert and local update in on transaction not possible
by: Klemens | last post by:
I get SQL30090 reason 18 by trying to do an insert in a federated table and an update in a local table in one transaction Do I have to change some settings to get done or ist this not possible by...
DB2 Database
7
2404
Update foreign key before appending records to central database
by: PC Datasheet | last post by:
Looking for suggestions ---- A database was designed for a national automobile inspection program. In it's simplest form, the database has two tables: TblOwner OwnerID <Year/Make/Model owned...
Microsoft Access / VBA
8
2672
DataAdapter, sedond update
by: Zorpiedoman | last post by:
I keep getting a concurrency exception the second time I make a change and attempt to update a dataadapter. It appears this is by design, so there must be something I can do to avoid it. ...
Visual Basic .NET
2
1988
Can Someone Help me figure this out? Not only finding multiparts
by: Extremest | last post by:
Here is the code I have so far. It connects to a db and grabs headers. It then sorts them into groups and then puts all the complete ones into another table. Problem I am having is that for some...
C# / C Sharp
2
3082
Key Required for .Update with mdb file ? Assuming True
by: Miro | last post by:
I will ask the question first then fumble thru trying to explain myself so i dont waste too much of your time. Question / Statement - Every mdb table needs a PrimaryKey ( or maybe an index - i...
Visual Basic .NET
3
3931
Regarding concurrency MERGE x UPDATE
by: Michel Esber | last post by:
Hi all, DB2 V8 LUW FP 15 There is a table T (ID varchar (24), ABC timestamp). ID is PK. Our application needs to frequently update T with a new value for ABC. update T set ABC=? where ID...
DB2 Database
0
7076
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
7274
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
7323
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
1
6984
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
7453
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
4670
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
C# / C Sharp
0
3162
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration
0
3151
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
0
377
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us