Can you see the security vulnerability in the following snippet of code?
string returnValue = String.Empty;
string sql =
"select description from products where prodID = '"
+ Request.Params["pid"] + "';";
SqlCommand sqlcmd = new SqlCommand(sql);
sqlcmd.Connection = sqlConn;
SqlDataReader sdr = cmd.ExecuteReader();
if (sdr.Read())
{
returnValue = (string)sdr[0];
}
sdr.Close();
return returnValue;
Wednesday, April 29, 2009
Security Vulnerability
Thursday, April 9, 2009
Powershell script to remove empty directories
Here's a Powershell script that I've just created to remove empty folders which I'm sure I'm not going to need again in the future.
$items = Get-ChildItem -Recurse
foreach($item in $items)
{
if( $item.PSIsContainer )
{
$subitems = Get-ChildItem -Recurse -Path $item.FullName
if($subitems -eq $null)
{
"Remove item: " + $item.FullName
Remove-Item $item.FullName
}
$subitems = $null
}
}
Powershell Copy-Item does not honor the exclude parameter
I've been having a hard time getting Powershell's Copy-Item to work for me. My problem is that the -exclude parameter for the Copy-Item only honors the excluded items for the root directory in the destination but not for sub-directories if you also include the recurse parameter.
I believe that I have finally solved the problem with this snippet of powershell:
$source = 'd:\t1'
$dest = 'd:\t2'
$exclude = @('*.pdb','*.config')
$items = Get-ChildItem $source -Recurse -Exclude $exclude
foreach($item in $items)
{
$target = Join-Path $dest $item.FullName.Substring($source.length)
if( -not( $item.PSIsContainer -and (Test-Path($target))))
{
Copy-Item -Path $item.FullName -Destination $target
}
}