Larry Steinle

April 10, 2011

JavaScript Characters

Filed under: RegEx,Web — Larry Steinle @ 11:55 pm

While reviewing the C language I was reminded of the cType.h library. The cType library is a Character Type helper class. After short consideration I thought it might be helpful to have an equivalent in JavaScript.

March 12, 2011

AdCommandTextParser: Parsing SQL Statements

Filed under: Active Directory,RegEx,VS.Net — Larry Steinle @ 11:48 pm

The most difficult task in the construction of the Active Directory Data Access Layer was parsing the SQL statements so that the information would be easily accessible to populate the DirectorySearcher object. In today’s post we will review the capabilities of the parser, followed by the SQL statement parsing code.

February 20, 2011

Use Regular Expressions to Detect SQL Code Injection

Filed under: RegEx,Security,SQL Server,VS.Net,Web — Larry Steinle @ 12:26 am

To gain unauthorized access to, and possibly control of, another company's information, hackers employ a technique called SQL Code Injection. This simple technique involves entering a SQL statement inside a text box and submitting the request. When the server processes the page it can be tricked into executing the injected code. The best strategy to block SQL Code Injection is to use a stored procedure. For the times when you simply must use inline SQL statements we will learn how to detect and block SQL Code Injection with the help of a few simple regular expressions.

January 30, 2011

String.Split On Steroids

Filed under: RegEx,VS.Net — Larry Steinle @ 9:25 am

The String.Split function uses a separator to divide a string value into an array of string values. Unfortunately, the split function does not support text qualifiers. As a result, if the separator is contained within a text-qualified block of characters, the text block gets split.

In this article we will create a new extension called FullSplit that will implement the same basic functionality as the String.Split function, with the added support of text qualifiers and assignment operators. When assignment operators are used, the return value will be of type StringDictionary, where the left side of the operator represents the DictionaryEntry.Key property and the right side represents the DictionaryEntry.Value property.

Finally we will conclude the article by updating the code from a previous post, Extending IEnumerable, to support dictionary entries by separating the key/value pair with an operator.
