Doug Seven has compiled a list of 26 bad practises to avoid when using SQL Server:
http://dotnetjunkies.com/WebLog/dougseven/archive/2004/02/16/7329.aspx
Join Learnable $29 Includes all SitePoint books
{ 4 comments }
February 18, 2004 at 4:40 pmUnencrypted :) Encrypt your connection string, encode it (Base 64 say), and put that output into your web.config file. Then when you need to use it, decode it, and decrypt it.
As web.config files aren’t visible pubically on the web, I do wonder if its worth the effort. But then, no such thing as too secure with connection strings…
February 18, 2004 at 12:39 pmIt’s bad to store passwords in the the Web.Config file? I always thought that was a might good place to store your passwords and connections strings?
February 18, 2004 at 12:27 amGood Stuff
February 17, 2004 at 11:16 amserver returns errors … probably the best practice is to avoid ms sql ;))
——————————————————-
Server Error in ‘/WebLog’ Application.
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a
Comments on this entry are closed.
