Welcome Visitor, Please Login or Register Now Friday, April 19, 2024 03:03 PM 
Forums Index > Mewsoft Products > Auctionawy > Turning Off SQL Error Reporting
New Topic   New Reply
Search for:
Author Message
maverick maverick's personal page
Registered Member
Posts: 83 Display member's posts
Joined: 07-19-05 11:42 AM
Member Offline
View Member's Profile Visit member's website http:// Send private message
 
Back to top
Turning Off SQL Error Reporting Edit Delete Reply with quote Quote
First Post Posted on: 07-18-10 10:39 AM next post first post
hi,\ when you put a ' into a variable like http://www.mewsoft.com/cgi-bin/auction/auction.cgi?action=Browse&Search=Category&Cat_ID=4'&CatA_ID=0&Lang=English\ it returns the following which gives too much for sql injection:\ \ SQL Error: You have an error in your SQL syntax near ''' at line 1\ Query: \ SELECT Adult FROM Auction_Categories WHERE Cat_ID=4'\ Line 420, File /home/httpd/vhosts/mewsoft.com/cgi-bin/auction/General.pm.\ \ i dont want to show this info to nasty visitors. how can i turn this error reporting off?
mewsoft mewsoft's personal page
Administrator Team Member
Posts: 5381 Display member's posts
Joined: 04-19-24 03:03 PM
Location: knxoville, TN, USA
Member Offline
View Member's Profile Visit member's website Mewsoft Corporation Send private message ICQ Messenger: ICQ AIM Messenger: AIM YIM Messenger: Yahoo MSN Messenger: MSN
 
Back to top
Re: Turning Off SQL Error Reporting Edit Delete Reply with quote Quote
Reply #: 1 Posted on: 07-18-10 11:26 AM next post previous post
Syntex errors can not be turned off.

Mewsoft Support
www.mewsoft.com
maverick maverick's personal page
Registered Member
Posts: 83 Display member's posts
Joined: 07-19-05 11:42 AM
Member Offline
View Member's Profile Visit member's website http:// Send private message
 
Back to top
Re: Turning Off SQL Error Reporting Edit Delete Reply with quote Quote
Reply #: 2 Posted on: 07-19-10 01:17 AM last post previous post
according to many articles this give-away is the first step that sql injection attacker use.
Page 1 of 1
Go to page:

New Topic   New Reply Mark Unread
Jump to:  
Delete   Move     Lock   +Favorits   +Notify   Print  

  Mewsoft and Mewsoft Logos are registered trademarks. ® Corporation. All Rights Reserved.  Copyright -  Privacy -  Terms of Use  Page Load: 0.0866 Seconds 
Powered by Boardawy © 2000-2011. Mewsoft Corporation