someone update my database

[AA]

hello to aal,

how its mossible to someone update may database, for now we have a database
and time to time, someone update a record, changing the information.

what can i do to avoid this?

thanks on advance
AMA

 

[Bob Barrows [MVP]]

hello to aal,

how its mossible to someone update may database, for now we have a
database and time to time, someone update a record, changing the
information.

what can i do to avoid this?

Given the lack of information (database type and version? internet vs
intranet? etc.) all we can do is guess. Here is my guess, based on my
assumption that you are using an Access database:

1. Your use of dynamic sql has left your database exposed to attacks by
hackers using the sql injection technique
(http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23
http://www.nextgenss.com/papers/advanced_sql_injection.pdf)
You can eliminate this threat by using parameters instead of dynamic sql

http://groups.google.com/groups?hl=...=1&[email protected]

http://groups.google.com/groups?hl=...=1&[email protected]

http://www.google.com/[email protected]&oe=UTF-8&output=gplain

http://www.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&[email protected]

Using Command object to pass values to parameter markers in a sql string:
http://groups-beta.google.com/group/microsoft.public.inetserver.asp.db/msg/72e36562fee7804e

Bob Barrows