Programming

SQL injection is probably one of the most widely used techniques for hacking websites. Hackers can look at the form variables on a website to determine if it could possibly be injected with SQL. Many home made website portals can easily be hacked because SQL injection prevention can be time consuming for programmers, and many people don’t know how to protect against SQL injection.

Lets take a look at the following SQL statement.

Statement: select * from users where username=’ + $formUserName + ‘;
$formUserName data comes in from an HTML form from your website. This is the key variable in the script that you will use to inject SQL code into. Lets look at the hacked, SQL injected version.
(continue reading…)

This message appeared while I was trying to read a text file that was locked. I was very frustrated because notepad and other text editors could open it no problem, but my simple StreamReader couldn’t open it. The code below was giving me this error and I had to do a little tweaking and fiddling to get it to work.

Broken Code

StreamReader fr = new StreamReader(this.eveFile);

Working Code
FileStream fs = new FileStream(this.eveFile, FileMode.Open, FileAccess.Read, FileShare.ReadWrite );
StreamReader sr = new StreamReader(fs);

Apparently you have to open the file specifically for Read access, thus the “FileAccess.Read”. It appears that StreamReader opens in ReadWrite no matter what, and you can’t change the FileAccess in StreamReader. No problem though as this is only one more line of code.