When inserting strings into a SQL table in ASP what is the risk and how can you prevent it?

ASP Interview Questions and Answers

(Continued from previous question...)

140. When inserting strings into a SQL table in ASP what is the risk and how can you prevent it?

SQL Injection, to prevent you probably need to use Stored Procedures instead of inline/incode SQL

(Continued on next question...)

Other Interview Questions

• What is ASP?
• How can you disable the browser to view the code?
• Question What is a "Virtual Directory"?
• Give the comment Tags for the following?
• Which is the default Scripting Language of ASP (server-side)?
• Which is the default Data types in VBScript?
• What is a variable?
• What is the maximum size of an array?
• What is Querystring collection?
• What are the attributes of the tags? What are their functions?
• What are the methods in Session Object?
• What is ServerVariables collection?
• What is the difference between Querystring collection and Form collection?
• What is a Form collection?
• What are the ASP Scripting Objects?
• What happens to a HTML page?
• What happens to ASP pages?
• How can you change the primary scripting language for a page?
• What is application Object?
• What is the difference between client-side script and server-side script?
• What is the command to display characters to the HTML page?
• Explain the POST & GET Method or Explain the difference between them?
• How many global.asa files can an Application have?
• How many global.asa files can an Application have?
• What are Scripting Objects?
• What is the Order of precedence for LOGICAL Operators.
• What is an Err Object?
• What are LOCAL and GLOBAL variables?
• Which is the default Scripting Language on the client side?
• What is HTML(Hypertext Markup Language)?
• What is a Web Server?
• What is Session Object?
• What is Server-Side includes?
• What is a FileSystemObject object?
• What is a Scripting Language?
• What is a Dictionary object?
• What is Global.asa file?
• What is an .ASP file?
• What is Response Object?
• Naming constraints for a variable.?
• What is a TextStream object?
• What is IIS?
• What is Request Object?
• What are the special sub-types in VBScript?
• What is Cookies collection?
• What is the difference between Cookies collection and Form/Querystring collection?
• What is Server Object?
• What is Collection?
• How will you delete a Cookie?
• What is the function of Buffer in Response Object?
• How are scripts executed?
• What is ASP (Active Server Pages)?
• What are ARRAYS?
• What is Application-scope?
• What is Extranet?
• What is the use of following Statement Response.Expires=120?
• What is the use of following Statement Response.Expires=120?
• When is the Session_OnStart event fired?
• What would be the result of the inside code?
• If you want to pass the contents of the strName variable in a hyperlink, which line of code would you use?
• What is the result of using Option Explicit?
• ,br> In the database table, if the datatype for field1 (shown above) is Number, what is the value of varType?
• How are sessions maintained?
• Using VBScript, which of the following Scripting Object(s) is NOT available from scrrun.dll?
• Which will NOT set the scope of an Active Server Component?
• ClientCertificate is a collection of
• IsClientConnected is a property of
• What should be used in order to determine if the cookie "FavoriteFlavors" in the request object contains more than one entry?
• ADO is an object model for accessing which of the following?
• Which choice is NOT an ADO collection?
• What would the inside code load ?
• Which line of code would instantiate the Browser Capabilities component?
• Which choice is NOT a property of Dictionary Object?
• What does Internet Information Server (IIS) assume to be the default language for Active Server Pages?
• The above code appears in the global.asa file. What would it accomplish?
• What does the above code accomplish?
• What purpose is served by the Application.Lock method?
• How long is a SessionID guaranteed to be unique?
• Which of the following are Server Object methods ( Choose Two)
• What must be installed on an IIS4 machine to use the CDONTS e-mail server object?
• Referring to the inside, which line of code would retrieve the selected radio button value?
• How to Display images using Response object?
• What happens when a client submits a form which changes the value of an Application variable?
• Following is the code Server.MapPath (".") consider the path is C:InetpubWWWRootMATDefault.asp. What will be the output
• ‘onStart’ and ’onEnd’ are events of what object(s)?
• The FileSystemObject provides an object interface to drives, directories, and files for which of the following?
• When does the application OnEnd event handler fire?
• What is the program ID (ProgID) for ActiveX Data Objects in 2-tier and 3-tier database applications?
• What should the developer use in order to have an Active Server Page (ASP) invokes a stored procedure on a SQL Server database?
• How Many Types of Cookies?
• What is the Default ScriptTimeOut for Server Object?
• How many Max Cookies can we create in Server?
• In the sample code shown inside, what will be written to the screen?
• Referring to the above, what is the value of iPos?
• What is a session?
• What is ClientCertificate collection?
• What do you need to run ASP?
• What is the order of execution for an ASP application?
• What are the types of HTML?
• What are the properties of Session Object?
• What are the event handlers of Session Object?
• Name the ASP Objects?
• What are the advantages of using ASP?
• What are the methods in Application Object?
• What are the browsers that can access ASP pages?
• How does the server identify and execute the server-side scripts within HTML code?
• What are the methods by which output stream is controlled?
• What are the collections of Session Object?
• What is the difference between ASP and HTML? Or Why ASP is better than HTML?
• What are the event handlers of Application Object?
• Name some of the ASP components?
• What are the tasks performed by < FORM > tags?
• What are the tags necessary to be present within the <FORM > tag?
• What are the collections of Application Object?
• How do you create a recordset object in VBScript?
• Explain the difference between POST and GET Method.
• Why do we use Option Explicit?
• How do you write an SQL insert statement?
• How can you have different number of cells for each row of a table in HTML?
• What variable can you use to share info across the whole application for one user?
• What is string concatenation function in VBScript?
• How do you get the value of a combo box in Javascript?
• What is a class in CSS?
• When inserting strings into a SQL table in ASP what is the risk and how can you prevent it?
• Which is the default Data types in VBScript?