RE: SQL Injection Basics

> I think you meant to first sanitize

By using CInt he has sanitized the data. CInt converts to an integer. & can also take integer parameters. When you run CInt("1 OR 1=1"), you get a type mismatch, which is a problem, but not one that means that Mark's code is vulnerable to SQL injection.

He should be running IsNumeric over the data first. Better yet, ADO command objects should be used for ASP, as suggested many times.

See the documentation (RTM) on the function CInt():

Description
Returns an expression that has been converted to a Variant of subtype Integer. Syntax
CInt(expression)
The expression argument is any valid expression.

Remarks
In general, you can document your code using the subtype conversion functions to show that the result of some operation should be expressed as a particular data type rather than the default data type. For example, use CInt or CLng to force integer arithmetic in cases where currency, single-precision, or double-precision arithmetic normally would occur. Use the CInt function to provide internationally aware conversions from any other data type to an Integer subtype. For example, different decimal separators are properly recognized depending on the locale setting of your system, as are different thousand separators.

If expression lies outside the acceptable range for the Integer subtype, an error occurs.

The following example uses the CInt function to convert a value to an Integer:

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Dim MyDouble, MyInt
MyDouble = 2345.5678 ' MyDouble is a Double. MyInt = CInt(MyDouble) ' MyInt contains 2346.

Note CInt differs from the Fix and Int functions, which truncate, rather than round, the fractional part of a number. When the fractional part is exactly 0.5, the CInt function always rounds it to the nearest even number. For example, 0.5 rounds to 0, and 1.5 rounds to 2.

regards
David Cameron
nOw.b2b
dcameron@itis-now.com Received on Tue Feb 11 23:30:18 2003