IIS ASP - Re: I am having a problem in my asp in the recorsets running at iis 6.0 and sql 2000.

This is Interesting: Free IT Magazines  
Home > Archive > IIS ASP > February 2005 > Re: I am having a problem in my asp in the recorsets running at iis 6.0 and sql 2000.





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Re: I am having a problem in my asp in the recorsets running at iis 6.0 and sql 2000.
Gabriel Mejía

2005-02-22, 5:52 pm

I am going to do this changes in some of my asp. If this works in those asp
and it doesnt crash any more in them, I am going to do than in the rest of
them

any way, this I just asked you is only to prove my boss the problem.

thnks again bob


"Bob Barrows [MVP]" <reb01501@NOyahoo.SPAMcom> escribió en el mensaje
news:OB47skOGFHA.228@TK2MSFTNGP15.phx.gbl...
> I did not intend for you to run this procedure (which is not recommended
> since it is an internal system procedure). My suggestion was for you to
use
> SQL Profiler to monitor for its use to detect whether or not pooling is
> being used.
>
> Pooling can be controlled only at the client (in this case, the web
server).
> It cannot be controlled by the server. If pooling is not disabled, this
> procedure, which is used to implement pooling at the server, should appear
> in a Profiler trace. Or at least, so I've been told. Another way to
> determine if pooling is being used is to load a page that connects to the
> server, look for the new connection using sp_who2, close the page, run
> sp_who2 again to see if the spid goes away or persists for 60 seconds as
it
> would if pooling is being used. Just be aware that the bad practices I
> talked about may disable pooling intermittently, so you may need to
monitor
> this for a while under various conditions to see if pooling gets disabled.
>
> Pooling is turned on by default in ASP. It can be turned off, either
> intentionally as described in the articles I provided, or unintentionally
> via the use of bad programming practices. The suggestions I made for your
> code will not only help with pooling, they will also help with the overall
> efficiency and security of your asp pages. I realize you may be looking at
a
> large job here, but you should not be looking for excuses to avoid that
job.
> Some of the problems in your code are leaving your site extremely
vulnerable
> to being hacked. See these links about sql injection:
>
> http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23
> http://www.nextgenss.com/papers/adv...l_injection.pdf
> http://www.nextgenss.com/papers/mor...l_injection.pdf
> http://www.spidynamics.com/papers/S...nWhitePaper.pdf
>
> HTH,
> Bob Barrows
>
> Gabriel Mejía wrote:
> --
> Microsoft MVP -- ASP/ASP.NET
> Please reply to the newsgroup. The email account listed in my From
> header is my spam trap, so I don't check it very often. You will get a
> quicker response by posting to the newsgroup.
>
>


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com