Code/regular Expression/magic That Can Detect If This Text Contains A Piece Of SQL Query Instead Of Normal Harmless Text?
Sep 21, 2010
I came to a company that already has a fully grown project... but coders that worked here before me didn't follow conventions and didn't use parametrized SQL queries... as a result there is over 1000 places in a very huge project that can possibly be vulnerable to SQL injection...
I need to find a solution that will automatically detect if there is an SQL injection in the code. So, for example there is a form which allows user to enter comments regarding a product, which will be sent to database on submit... how can we make sure that a user didn't enter a harmfull query instead of a normal text?
Is there any advanced code/regular expression/magic that can detect if this text contains a piece of SQL query instead of normal harmless text? I will accept any links, pieces of code in any language or even commercial software that will do that for me.
View 5 Replies
ADVERTISEMENT
Feb 12, 2009
create a regular expression. It is a little like a search and replace, I want to replace any string that contains any substring in parentheses with the same string but the words in parentheses colored RED.
Eg Take this text in TextBox1:
"The Prime Minister (that idiot from Scotland) made a speech today"
and convert to this text in RichTextBox1:
"The Prime Minister (that idiot from Scotland) made a speech today"
View 7 Replies
Mar 15, 2011
I would like to extract the word "date" from a string. It could appear as "DATE". "the date", "datee", "the_Date" or any other form
View 7 Replies
Apr 8, 2010
I have a simple pattern I am trying to match, any characters captured between parenthesis at the end of an HTML paragraph. I am running into trouble any time there is additional parentheticals in that paragraph:
i.e.
If the input string is "..... (321)</p>" i want to get the value (321)
However, if the paragraph has this text: "... (123) (321)</p>" my regex is returning "(123) (321)" (everything between the opening "(" and closing ")"
I am using the regex pattern "s(.+)</p>"
How can I grab the correct value (using VB.NET)
This is what I'm doing so far:
Dim reg As New Regex("s(.+)</P>", RegexOptions.IgnoreCase)
Dim matchC As MatchCollection = reg.Matches(su.Question)
If matchC.Count > 0 Then
[Code]....
View 3 Replies
Mar 24, 2012
I know it may be quite easily for you. i have a text which contains 40 lines, I want to remove lines which starts with a constant text. check below data.
When I used (?mn)[+CMGL:].*($) it removes the whole text , when I use (?mn)[+CMGL:].*(
) , it only leaves the first line.
+CMGL: 0,1,,159
07910201956905F0440B910201532762F20008709021225282808
+CMGL: 1,1,,159
[Code]...
View 1 Replies
Aug 18, 2010
I am in a need of a Regular Expression to restrict input to only certain characters in a text box. The text box can only allow 0 or 1 "+" sign at the beginning and at no other position. The text box can only allow 0 or 1 ":" sign not before the "+" sign. The text box can allow any number of 0-9 digits.
[Code]...
View 10 Replies
Apr 1, 2011
I have a piece of code which loads either french or english text and 2 link buttons that allow to switch between.
<%
if publierFR = 0 Then
if publierEN = 0 Then
[code].....
View 1 Replies
Jun 9, 2012
How do you pick a random piece of text from a text file in this manner....
[Code]...
I need to pick a random answer, not including the question. let it be the simplest solution. I am only a beginner.
View 6 Replies
Mar 20, 2011
i need to build a regular expression to validate an code. The code has 10 charaters
- the First charaters can only one the following B,F,E,S,M,P,Z
- From Second to Seventh are alfanumeric (0-9 and A-Z)
- the Eighth is the letter U
- the ninth is a number (0-9)
-the tenth is alfanumeric (0-9 and A-Z)
View 7 Replies
Mar 30, 2012
All i want to do is write some text into word... some of the text is normal text the other is bold... how do I achieve this?The samples I have seen, they either do normal text or bold.. but in different lines utilising InsertParagraphAfter()I need to have both in the one lineie how do i do the following line? using vb.net and word automation (word 2010)
View 2 Replies
Feb 28, 2010
I'm stuck on an issue I think is actually pretty simple but I just can't get it sorted.
I have a string containing (a lot of) text, and in that text there are dates. Like 2/28/2010 or 11/12/2007 or whatever.There are multiple dates in that text.
How do I get the dates from that piece of text into another string so I can put the dates into textboxes?
I'm using VB.NET in Visual Studio 2010 RC,
View 2 Replies
Feb 13, 2011
i am getting a piece of text from a webpage, but i would like to only let the text after a $ to show up?
View 1 Replies
Feb 24, 2012
I would like to search a webpage for a value in the left column of a table, then pull the value from the right column as my result. In a Visual Basic Forms Application.
the data is listed in a table, for example...
abc 123
def 234
ghi 345
jkl 456
and if i just want the value of ghi ( I know "ghi", but i want the goal of the code to find the "345")
View 4 Replies
Aug 10, 2009
I would like to combine the two things in the title to use as a query for an access database. I think i kind of know what to do, but then it doesn't work so i actually dont, the error i am getting in runtime is that the query is incomplete. The line of code in question is this:
Query = New OleDb.OleDbCommand("Select key From '" & frmFrontEnd.cmbModel.SelectedIndex.ToString & "'_Assistant", AccessConn)
View 1 Replies
Apr 12, 2009
At present i have an interface which displays a string of sql code in a rich text box.
I also have my microsoft access database connected to the form.
How would i go about getting the sql code in the rich text box to produce the results for the query??
View 2 Replies
Mar 18, 2012
I have a datagrid view with 3 columns and variable rows. I have many rows so it is tough to know what is where so, the first row consists of names.I have a textbox in which I type in a name and hit a button. Doing this, I want the location of the that cell in terms of row.no and column.no.
Extended : for the adjacent ones just add +1, +2 etc to the column number right ?
View 6 Replies
Jul 6, 2010
Is it possible to populate an AutoComplete text box property in code from an Access query.
View 6 Replies
Mar 12, 2010
Is there any possibility to make this true?I mean we can't use { } as a normal text in String.Format()
View 4 Replies
Apr 17, 2011
I can find lots of examples of rotated text on graphics objects on a Google search, but I want to create a vertical caption but with normal letter orientation, something like this:
C
A
P
T
I
O
N
but with sensible spacing and alignment. I can't seem to get my search terms right to find a suitable example. Can anyone point me in the right direction?
View 11 Replies
Oct 21, 2011
Regular Expression to count per words and characters in VB.Net. Here's my codes.
[Code]...
View 4 Replies
Oct 7, 2011
I'm trying to create a regex which will match either one of the following [code] This regex is supposed to return all and any form of the function that is used.If match string were - FVAL(A,"B")+5 then match group should be FVAL(A,"B")
View 1 Replies
May 19, 2009
I have the following regular expression for validating a file name:
^(([a-zA-Z]:|))?(((.)|(..)|(. %5D">^/:*?"|<>. |([^/:*?"|<>][^/:*?"|<>. ]))?))). %5D">^/:*?"|<>. |([^/:*?"|<>]*[^/:*?"|<>. ]))?$
I can get it to work in VB.NET but not C#. I can't figure out why it works in one but not the other.
[Code]...
As far as I can tell the patterns are identical in both languages with escaping. When I run the VB code I get a match. When I run the C# code I get nothing.
View 1 Replies
Oct 14, 2010
I have just coded the below regular expression. I have a mini rich text editor on a web page (very similar to the one I am using to post this question) and I want to make use of a double asterisk to indicate which words/phrases should be wrapped in a strong tag. The aim is to allow the user to add pre-defined HTML elements without actually having to submit HTML.
[code...]
Maybe I am over-optimising this, but I want to know if this can be made more efficient?
View 1 Replies
Feb 12, 2009
It is a little like a search and replace, I want to replace any string that contains any substring in parentheses with the same string but the words in parentheses colored RED: Eg
Take this text in TextBox1:
"The Prime Minister (that idiot from Scotland) made a speech today"
and convert to this text in RichTextBox1:
"The Prime Minister (that idiot from Scotland) made a speech today"
View 1 Replies
May 6, 2012
I had a regular expression which parses out value.
[Code]...
View 7 Replies
Oct 6, 2011
I am trying to use regular expression for extracting data from web page. but everytime i change the URL i need to change my regular expression for URL.
View 3 Replies
Mar 24, 2010
I have the following function that I am using to remove the characters �4 and nulls from my xmlString but I can't find what do I need to change to avoid removing the from my ending tags. This is what I get when I run this function
<ARR>20080625<ARR><DEP>20110606<DEP><PCIID>626783<PCIID><NOPAX>1<NOPAX><TG><TG><HASPREV>FALSE<HASPREV><HASSUCC>FALSE<HASSUCC>
find out what do I need to change in my expression to keep the ending tag as </tag>
[Code]...
View 1 Replies
May 17, 2011
I have a textbox which takes as input the email address. Do you have regular expression validator in vb.net so that I can check if '@' is present or not in the string
View 2 Replies
Feb 1, 2012
I have a string (can be anything) and somewhere in the middle of the string there's a filename with the extension 'txt'. The filename can basically be anything, and any filename is correct, but with a certain exception.
If the filename ends with .part<number>.txt, the <number> can only be one of the following, 1, 01, 001, 0001.
Every other <number> is incorrect.
Match
.part1.txt
.Part001.txt
[Code].....
View 2 Replies
Jun 5, 2011
I've out an output rich text box called TbxOutput, and I have many different tbxoutput.appendtext("") methods in my program.I don't really know much about how to set rich text box colors, and what I specifically need is for a simple line of code that i can plug in before the tbxoutput.appendtext("" + vbnewline) methods to make that particular line output text of a different color.
For example, when my program normally outputs messages it does it in black, and i want it to remain that way by default. But when it outputs an error message, I want that particular message
View 2 Replies
