Wednesday, April 29, 2009

Security Vulnerability

Can you see the security vulnerability in the following snippet of code?

    string returnValue = String.Empty;
    string sql =
        "select description from products where prodID = '"
        + Request.Params["pid"] + "';";
    SqlCommand sqlcmd = new SqlCommand(sql);
    sqlcmd.Connection = sqlConn;
    SqlDataReader sdr = cmd.ExecuteReader();
    if (sdr.Read())
    {
        returnValue = (string)sdr[0];
    }
    sdr.Close();
    return returnValue;

Thursday, April 9, 2009

Powershell script to remove empty directories

Here's  a Powershell script that I've just created to remove empty folders which I'm sure I'm not going to need again in the future.

$items = Get-ChildItem -Recurse

foreach($item in $items)
{
      if( $item.PSIsContainer )
      {
            $subitems = Get-ChildItem -Recurse -Path $item.FullName
            if($subitems -eq $null)
            {
                  "Remove item: " + $item.FullName
                  Remove-Item $item.FullName
            }
            $subitems = $null
      }
}

 

 

Powershell Copy-Item does not honor the exclude parameter

I've been having a hard time getting Powershell's Copy-Item to work for me. My problem is that the -exclude parameter for the Copy-Item only honors the excluded items for the root directory in the destination but not for sub-directories if you also include the recurse parameter.

I believe that I have finally solved the problem with this snippet of powershell:

$source = 'd:\t1'

$dest = 'd:\t2'

$exclude = @('*.pdb','*.config')

$items = Get-ChildItem $source -Recurse -Exclude $exclude

foreach($item in $items)

{

      $target = Join-Path $dest $item.FullName.Substring($source.length)

      if( -not( $item.PSIsContainer -and (Test-Path($target))))

      {

            Copy-Item -Path $item.FullName -Destination $target

      }

}