M
Micke Palm
Hi there!
When I went to work today I found that someone have create a table in the
database and insert the names of all other tables in a field in this table.
We have config a account in the database as we use from web.config so I
suppose the user have done something in the site like typing a smart sql
string in a textbox or similar.
Do anyone any ideas of securitys in the site to set so this situation will
be zip? Or any other ideas how the user can do something like this??
/regards, micke
When I went to work today I found that someone have create a table in the
database and insert the names of all other tables in a field in this table.
We have config a account in the database as we use from web.config so I
suppose the user have done something in the site like typing a smart sql
string in a textbox or similar.
Do anyone any ideas of securitys in the site to set so this situation will
be zip? Or any other ideas how the user can do something like this??
/regards, micke