justsomeguy Posted March 16, 2012 Share Posted March 16, 2012 It's usually referred to as escaping the data, what you're trying to protect against is called a SQL injection attack. It looks like with VBScript and ASP classic that your best bet is to use a parameterized query. https://www.google.com/search?client=opera&rls=en&q=vbscript+protect+against+sql+injection&sourceid=opera&ie=utf-8&oe=utf-8&channel=suggest#sclient=psy-ab&hl=en&client=opera&rls=en&channel=suggest&q=vbscript+parameterized+query&oq=vbscript+parameterized+query&aq=f&aqi=g1&aql=&gs_sm=3&gs_upl=198555l204661l0l205002l19l9l0l10l10l1l314l1630l3.2.3.1l19l0&gs_l=serp.3..0.198555l204661l0l205002l19l9l0l10l10l1l314l1630l3j2j3j1l19l0.frgbld.&pbx=1&bav=on.2,or.r_gc.r_pw.,cf.osb&fp=a9e56755e1f65edd&biw=1858&bih=1003 Link to comment Share on other sites More sharing options...
foxhound187 Posted June 1, 2012 Author Share Posted June 1, 2012 (edited) ok, sanitizing the data can wait. I seem to have got the script working so that it reads and inserts the data from the .csv file into the database however I would like to split the data, so when it inserts the data into the database rather than dumping it all in the one column it splits it into seperate columns per comma. I assume its some kind of array, but this is way over my head. Thanks Edited June 1, 2012 by foxhound187 Link to comment Share on other sites More sharing options...
justsomeguy Posted June 1, 2012 Share Posted June 1, 2012 You can use split to split the string into an array and then assign the various values to the correct columns. http://www.w3schools.com/vbscript/func_split.asp Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now