Web form to update Access DB

Duh. That makes sense. However, same error, same location " RSFind.Open SQL, CNObj, 1, 3, 1"
 
Update your connection string to be like this, and test again:

CNObj.Open "PROVIDER=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE=c:\inetpub\wwwroot\rt.mdb"
 
Where is it that you initialize RSFind? You're getting this error because RSFind.Open is a call to the Open method on the RSFind object, but the RSFind object hasn't been initialized yet. You need to initialize it in the same way you initialized RSDisplay. (But, then, why did you initialize RSDisplay? You don't subsequently use it.)

Meanwhile, you're vulnerable to SQL injection attacks. What if Request.Form("ReferralID") returns "'; DROP TABLE REFERRAL;" ?
 

Never trust users, be they malicious or stupid. If you always use prepared statements, you eliminate the problem of SQL injection. Of course, you still need to make sure that user input is not garbage, but prepared statements will ensure that it is not damaging.
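Added example, not part of the original thread or the poster's code: the lookup written as a parameterized ADODB.Command in Classic ASP, with the input validated first. The table name REFERRAL and the form field come from the thread; the ReferralID column name, its whole-number type and the output messages are assumptions.

```vbscript
<%
Option Explicit
' ADO constants (normally from adovbs.inc), declared here so the page is self-contained
Const adCmdText = 1
Const adParamInput = 1
Const adInteger = 3

Dim CNObj, Cmd, RSFind, re, rawId, referralId

rawId = Trim(Request.Form("ReferralID"))

' Validation: reject garbage before touching the database.
' Assumption: ReferralID is a whole-number key of at most 9 digits.
Set re = New RegExp
re.Pattern = "^\d{1,9}$"
If Not re.Test(rawId) Then
    Response.Status = "400 Bad Request"
    Response.Write "Invalid referral ID."
    Response.End
End If
referralId = CLng(rawId)

Set CNObj = Server.CreateObject("ADODB.Connection")
CNObj.Open "PROVIDER=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE=c:\inetpub\wwwroot\rt.mdb"

' The SQL text is a constant; the user's value travels separately as a typed
' parameter, so input such as '; DROP TABLE REFERRAL; is never parsed as SQL.
Set Cmd = Server.CreateObject("ADODB.Command")
Set Cmd.ActiveConnection = CNObj
Cmd.CommandType = adCmdText
Cmd.CommandText = "SELECT * FROM REFERRAL WHERE ReferralID = ?"
Cmd.Parameters.Append Cmd.CreateParameter("ReferralID", adInteger, adParamInput, , referralId)

' Execute returns an initialized, forward-only recordset
Set RSFind = Cmd.Execute
If RSFind.EOF Then
    Response.Write "No such referral."
Else
    ' Encode anything echoed back into the page
    Response.Write "Found referral " & Server.HTMLEncode(CStr(RSFind("ReferralID")))
End If

RSFind.Close
CNObj.Close
Set RSFind = Nothing
Set Cmd = Nothing
Set CNObj = Nothing
%>
```

The Jet provider binds `?` placeholders by position, so parameters must be appended in the order they appear in the SQL text.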
 
It's a form for internal use that will only get used by so many users every so often. Not something every day, all day or anything like that.
 
Bryophyte and mikeblas's point is still valid -- Do you want to do proper data validation and preventative measures now, or do data cleanup later? What about more extensive problems if one of the worst-case scenarios presented actually happens?

Granted, you're still working on getting the pages functional. But you still want to design to prevent these situations from happening. It usually takes less time to do this now, rather than get everything working and have to refactor later to prevent/trap these problems.
 
Why bother getting them functional when they'll need to be rewritten to be safe?
 