WebApp Sec mailing list archives
Re: Web Forms filtered with SQL constraints
From: "Saphyr" <saphyr () infomaniak ch>
Date: Fri, 8 Oct 2004 11:31:36 +0200
Hi, Using classic ASP with vbscript you would add this to the top of the page: <% on error resume next %> Then after every SQL query: <% if err then Response.write "There was a database error" ' Log to error to file end if %>
If I may interfere with this... Using a 'On Error Resume Next' statement on the top of your scripts will prevent you from being warned about many other errors you might encounter. The pragmatic conception (my personal method :)= requirement used here with this statement is: "For all errors found in this script, please ignore them." However, this doesnt' solve the initial question which is "how to deal with SQL errors". Considering this question, the P.C. requirement becomes: "When executing an SQL statement, I want to keep control over the script flow execution." The answer is indeed the use of the 'On Error Resume Next' statement, not at the script header but right before the SQL execution statement and disabling this right after it. This provides error catching atomicity during SQL executions: --------------script.asp//start------------------------------------- ...some code... '* activate error catcher On Error Resume Next '* execute dangerous statement connDb.Execute(sqlQuery) '* deactivate error catcher On Error GoTo 0 '* handle the error If(Err)Then ... End If --------------script.asp//stop------------------------------------- P.S. I recently began writing a draft about my development method, anyone would be interested ? -- Antonio FONTES Team Web Intelligence IS Security, Information and Knowledge Management Cosadgip SA http://www.cosadgip.com 129, rte de St-Julien Case postale 135 CH-1228 Plan les Ouates Switzerland Tél.: +41 22 884 19 44 Fax: +41 22 884 19 49
Current thread:
- Web Forms filtered with SQL constraints Bénoni MARTIN (Oct 05)
- Re: Web Forms filtered with SQL constraints Ian (Oct 07)
- Re: Web Forms filtered with SQL constraints RSnake (Oct 07)
- Re: Web Forms filtered with SQL constraints Saphyr (Oct 09)
- Re: Web Forms filtered with SQL constraints tie (Oct 07)
- Re: Web Forms filtered with SQL constraints Steven Boone (Oct 07)
- RE: Web Forms filtered with SQL constraints V. Poddubnyy (Oct 08)
- RE: Web Forms filtered with SQL constraints focus (Oct 09)
- Re: Web Forms filtered with SQL constraints Matt Fisher (Oct 09)
- Re: Web Forms filtered with SQL constraints yahoouec (Oct 12)
- <Possible follow-ups>
- RE: Web Forms filtered with SQL constraints Mike Allison (Oct 05)
- Netware ichain Taki Waki (Oct 06)
- RE: Netware ichain Eyal Udassin (Oct 07)
- Netware ichain Taki Waki (Oct 06)
- Re: Web Forms filtered with SQL constraints Tom Stowell (Oct 07)
(Thread continues...)
- Re: Web Forms filtered with SQL constraints Ian (Oct 07)