We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

View Complete Thread
  • Re: Anyone know about www.nihaorr1.com/1.js?

    May 13, 2008 09:02 AM|Flackie|LINK

     Thanks for the feedback and suggestions. I have tried these, but still with the same error. I am logged into the remote server on Remote Access, and then open up the SQL Management interface with windows authentication. I am logged into the server as a server admin, and assumed I have admin access therefore to the MS SQL server. IS there a way to check this, like some SQL i can run to say "yes, you do have admin rights"? Otherwise i might be barking up the wrong tree with this one.

    On a brighter note, our application it seems was not the entry point for the client in question. We analysed his logs of the site running our app and found nothing but he looked at some others and found it was another script he had written about 2 years ago on another domain. Our application was written quite carefully, we paid a lot of attention to closing SQL injection holes, but I'd like to lock down the SQL anyway as an extra precaution.



    Free GPL v2 open source VB shopping cart