Doug Seven has compiled a list of 26 bad practises to avoid when using SQL Server:
http://dotnetjunkies.com/WebLog/dougseven/archive/2004/02/16/7329.aspx
Related posts:
- Will Server-Side JavaScript ever catch on? Server-side JavaScript appears to be a logical choice for web...
- Learn SQL — The EASY Way! We’re very pleased to announce the latest addition to...
- Server-side JavaScript Will Be as Common as PHP Despite the fact that JavaScript has been typecast as the...
- How to Install Apache Web Server on Windows Professional web developers need a web server and Apache is...
- Build Your Own Dev Server with VirtualBox What's the best way to test your web site on...
server returns errors … probably the best practice is to avoid ms sql ;))
——————————————————-
Server Error in ‘/WebLog’ Application.
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a “web.config” configuration file located in the root directory of the current web application. This tag should then have its “mode” attribute set to “Off”.
February 17th, 2004 at 11:16 am
Good Stuff
February 18th, 2004 at 12:27 am
It’s bad to store passwords in the the Web.Config file? I always thought that was a might good place to store your passwords and connections strings?
February 18th, 2004 at 12:39 pm
Unencrypted :) Encrypt your connection string, encode it (Base 64 say), and put that output into your web.config file. Then when you need to use it, decode it, and decrypt it.
As web.config files aren’t visible pubically on the web, I do wonder if its worth the effort. But then, no such thing as too secure with connection strings…
February 18th, 2004 at 4:40 pm