Re: Fields in my tables are disappearing!

Kevin Audleman (audleman@xxxxxxxxxxx) writes:
I am using a hosted MSSQL 2000 database that powers the backend of my
website. Website visitors interact with it via ASP pages I have
developed. I also have an internal FileMaker 7 database that
periodically synchs with it via Filemaker's ODBC functionality.

Several times now, I have come in one day to discover that my ASP pages
don't work. When I look into it, one of my MSSQL tables will be missing
a few fields. There is nothing in any of my code that sends an ALTER
TABLE command or any other command that affects table structure. These
deletions of fields is totally random.

The most recent example was with a table called FreeTeacherSubs. I just
discovered today that three fields went missing:

HowDidYouHearAboutYES TEXT
FollowUpCallOrEmail TEXT
HowMaterialsFit TEXT

Suffice to say I am baffled! Has anyone ever experienced fields
disappearing from their tables?

One possbility is that the hosting company for some reason restored a
backup. In this case, the columns would be the most recently added.

Jennifer suggested SQL injection, and indeed, if you build your SQL
statements entirely dynamically, and don't parameterise them, your
site could be open to SQL injection. In this case an attacker drops
columns, because, well, he feels like it.

That Filemaker thing you mentioned, what synchs with what. Does your
database sync with Filemaker? In such case, if it synchs the schema
could that have effects?


--
Erland Sommarskog, SQL Server MVP, esquel@xxxxxxxxxxxxx

Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
.

Relevant Pages

  • Re: Filemaker or Access?
    ... We are going to develop our own database and are ... and a trial version of FMP 8.5. ... Access and don't filemaker. ... SQL server would be the way to go. ...
    (comp.databases.ms-access)
  • Re: help please: contains relationship / counting usage
    ... Filemaker is usually much easier to use than say, MySQL, or SQL Server. ... That said why not do this in an SQL friendly database if you are more comfortable with the problem there. ... I'm using Filemaker for this purpose, which I'm not going to justify with a long winded answer... ...
    (comp.databases.filemaker)
  • Re: which is worse: Office 2007 or itunes
    ... I have spent more time trying to export the iTunes database to Microsoft SQL Server. ... My ultimate goal is to be able to have a method for me to query my iTunes library while in a record store, so that when I am shopping at used CD stores I can check to see if I already own it by querying a web page (fed by a back-end SQL server). ... Maybe I should look at Filemaker sometime. ...
    (comp.sys.mac.advocacy)
  • Re: FM9 connection to MySQL
    ... the Filemaker 9 creates one-way or two-way connections to External SQL ... as a program to enter data into a MySQL database? ... i.e. SQL server, DB2, etc) are subjected to any field ...
    (comp.databases.filemaker)
  • Re: SQL Store MAC?
    ... Apple owns FileMaker, which is a competitor to Microsoft Access. ... It has SQL links capability and works with popular SQL server back-ends, all of which are available for Mac. ... Especially with the new "Bento" edition of filemaker selling for about $49.00 US. ...
    (borland.public.delphi.non-technical)