Snitz Forums 2000

Snitz Forums 2000

All Forums

Community Forums

Code Support: ASP (Non-Forum Related)

What's the obsession with -1'

Note: You must be registered in order to post a reply.
To register, click here. Registration is FREE!
Before posting, make sure you have read this topic!

Screensize:

UserName:

Password:

Format Mode:

Format:

Message:

* HTML is OFF
* Forum Code is ON

Smilies

Check here to include your profile signature.

T O P I C R E V I E W
bobby131313	Posted - 16 February 2015 : 15:58:49 Pretty much any file on my site that uses a numeric querystring is attempted to load with a -1' value. Always China, Pakistan, Turkey, etc. Hack attempts?
2 L A T E S T R E P L I E S (Newest First)
bobby131313	Posted - 18 February 2015 : 20:08:48 Thanks Carefree.
Carefree	Posted - 18 February 2015 : 01:18:49 Probably, but the default Snitz isn't vulnerable to that type of attack. Replacing numerical values (with the exception of "pop_profile.asp") with any negative numbers will simply redirect to "default.asp". To eliminate the error message report from "pop_profile.asp", you need to add 4 lines. Search for the following lines (appx 141-143): case "display" '## Display Profile if strDBNTUserName = "" then Between them, insert these: If Request("id") > "" Then If Not IsNumeric(Request("id")) Then Response.Redirect "default.asp" If (IsNumeric(Request("id")) And Request("id") < 1) Then Response.Redirect "default.asp" End If

Snitz Forums 2000

This page was generated in 0.02 seconds.