I can't tell you why it was flagged for deletion, but I can have a pretty good guess: your code is vulnerable to SQL Injection[^].
Quote: The Value property will be rendered to a pattern by adding the % character at the beginning and the end of it:
Database.Table.Name = "Customers"
Database.Table.AliasName = "cust"
With Database.Table.Query.Items
.Add("cust.CustomerId")
.Add("cust.ContactName")
.Add("cust.City", "Lon", QItem.Types.WHERE_LIKE)
End With
The generated SQL Statement will be:
SELECT cust.CustomerId,cust.CompanyName,cust.ContactName,cust.City _
FROM dbo.Customers cust WHERE cust.City LIKE N'%Lon%';
NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.
Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]
I would be very surprised if Sean and others hadn't left you a message explaining this critical security vulnerability in your code before closing your article.
There's nothing stopping you from re-submitting the article once you've fixed the vulnerability.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
modified 15-Jul-19 15:20pm.
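The advice in the post above, as an added example that is not part of the original thread or of the article's code. Python's sqlite3 stands in for SQL Server here, and the rows, function names and search terms are constructed for illustration. It also escapes LIKE wildcards, which parameter binding alone does not handle.

```python
import sqlite3

# Constructed rows standing in for the Customers table from the quoted article.
ROWS = [(1, "Ann Devon", "London"), (2, "Bo Berg", "Berlin"),
        (3, "Cy Roy", "Lon%don"), (4, "Di Lee", "Coeur d'Alene")]

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Customers "
               "(CustomerId INTEGER, ContactName TEXT, City TEXT)")
    db.executemany("INSERT INTO Customers VALUES (?, ?, ?)", ROWS)
    return db

def find_concatenated(db, city):
    # What the post warns against: the value is pasted into the SQL text, so a
    # quote character in `city` ends the string literal and the rest is parsed
    # as SQL.
    sql = ("SELECT cust.CustomerId FROM Customers cust "
           "WHERE cust.City LIKE '%" + city + "%'")
    return sorted(row[0] for row in db.execute(sql))

def escape_like(value, esc="\\"):
    # Binding a parameter stops injection, but % and _ in the value still act
    # as LIKE wildcards, so escape them (and the escape character itself).
    for ch in (esc, "%", "_"):
        value = value.replace(ch, esc + ch)
    return value

def find_parameterized(db, city):
    # Constant SQL text; the value is bound separately and is only ever data.
    sql = ("SELECT cust.CustomerId FROM Customers cust "
           "WHERE cust.City LIKE ? ESCAPE '\\'")
    pattern = "%" + escape_like(city) + "%"
    return sorted(row[0] for row in db.execute(sql, (pattern,)))

if __name__ == "__main__":
    db = open_db()
    for term in ("Lon", "d'Al", "n%d", "zzz' OR 1=1 --"):
        try:
            unsafe = find_concatenated(db, term)
        except sqlite3.OperationalError as exc:
            unsafe = "SQL error: %s" % exc
        print(repr(term), "concatenated:", unsafe,
              "parameterized:", find_parameterized(db, term))
```

The same search term returns every row through the concatenated query and no rows through the bound one, and an ordinary apostrophe in a city name breaks the concatenated query outright.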
|
Richard Deeming wrote: I would be very surprised if Sean and others hadn't left you a message explaining this critical security vulnerability in your code before closing your article.
I can't say for sure, but I think there was a heads up in the message board.
What surprises me is that it got approved a couple of times. Maybe someone should give a heads up to the first approvers.
BTW... the third link... not valid anymore. They moved it to GitHub.
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
modified 15-Jul-19 14:35pm.
|
Nelek wrote: BTW... the third link... not valid anymore. They moved it to GitHub.
Thanks - updated the link.
|
Thank you for the clarification.
Sure I will do that.
|
I'm writing a magazine article and I'd like to include a link to a CodeProject article. I'm wondering if CodeProject has a short format URL for articles; like Bitly but specific to CodeProject.
Cheers,
Daniel
|
As far as I know, no. There is no "shortener". But it could be a nice idea. You might suggest it in Bugs and Suggestions[^]
Additionally, external shorteners are not welcome in CP. You never know where they are taking you.
M.D.V.
|
My article was deleted. I have made some changes in it. How can I publish it again?
|
Hi All,
I am not able to find an article section for Microsoft POWERBI. Where can I post an article on it?
Mani Prabhakar
|
Thank you Sean Ewington. I wish in future we will have a place for Business Intelligence too.
Mani Prabhakar
|
tags for the snippets encoded as html: https://www.codeproject.com/script/Articles/ArticleVersion.aspx?waid=4141112&aid=5160473
M.D.V.
|
I'm using MathJax in one of my articles, which is supported by CodeProject. Is there a way to change dollar sign delimiters in math blocks?
I would like to use:
<div class="math">
\[
x + y = z
\]</div>
Rather than:
<div class="math">
$
x + y = z
$</div>
The block format is described in Using LaTeX in articles on CodeProject[^]
|
Hi,
I am unable to edit my article. I get the error below when I try to click the update article button. There is a typo in my article title, which needs to be fixed. Can anybody help? Or can anyone update my article title to 'JavaScript' instead of 'JavaSript'. Article Link JavaSript Destructuring: It's So Cool[^]
Error
|
Thanks for the note! We've fixed the problem and updated your title.
Thanks,
Sean Ewington
CodeProject
|
Thanks
|
Hi
I have used your excellent site for a long time. I am a retired Hardware/Software professional (MSEE) and since retiring, have written VB.NET programs for my own use. The questions I have are:
1. How do I know if a program is worth submitting to Code Project?
2. What is the format for documenting a program?
3. How does one submit a program?
Any response will be appreciated.
Jerrold I. Bodoff
|
The structure looks correct.
|
In my recent article I am using four gifs to show functionality of the application after every completed part of the article. They are however not working, only the first frame of the gif is shown. How can I fix those gifs, for example when users click on the image thumbnail, the real gif to be loaded? Or maybe some other approach can be used?
|
What I've been doing (if the GIF is larger) is sizing the GIF down in the HTML so that it is the proper width (700px wide). Alternatively, you could place the still image and then link the image itself to the GIF. So <a href="https://www.codeproject.com/KB/miscctrl/4073222/large-file.Png"><img src="small-file.gif" /></a>
Or if you don't want to fuss with it, you can email me (sean@codeproject.com) with your GIFs, and tell me which images need to be replaced and where they are within the article, and I will be happy to mess with it until it is to your pleasing.
Thanks,
Sean Ewington
CodeProject
|
Thank you Sean. The gifs are wider than 700 px, so this is why they are not shown. I will try to fix this myself using your suggestion and hopefully I will not bother you. In case I do not succeed, I will contact you via e-mail, I know your e-mail from my first article, where you fixed one gif as well.
|
I have delete or clear Email
send email for me nooooothing
please
please
please
thanks
|
Not a question either. Please do not cross-post the same non-question in several forums.
noop()