Great link, thanks!
Peter
----- Original Message ----- From: "Bill Conlon" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Tuesday, February 01, 2005 12:14 AM
Subject: Re: Witango-Talk: Eliminating the SQL error message on large fields
How about
<@ASSIGN SCOPE="request" NAME="text" VALUE="<@SUBSRTING NAME='<@POSTARG textarea>' START='1' NUMCHARS='8000'>">
Then insert @@request$text into your db. You might also consider checking the input for SQL injection or other attacks.
BTW, even if you used TEXT input, anyone can arbitrarily post larger arguments, so it's prudent to check the input, and never assume that the input form will protect you. See http://www.owasp.org/documentation/topten.html
On Monday, January 31, 2005, at 02:50 PM, Tom Ferguson wrote:
There's probably some simple way to do this, but it escapes me at the moment.
I have a form with several large fields (8000 chars). They are defined as
Textarea fields so there is no way to limit their size via HTML (that I know
of). So if someone types 8010 chars, SQL throws an overflow error
([Microsoft][ODBC SQL Server Driver]String data, right truncation 22001)
How can I avoid this situation? I'd like to either limit the number of characters in the input, or bypass the error.
Any suggestions?
TIA
Tom Ferguson
_______________________________________________________________________ _ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
