
Send stored procedure in ajax data

I need to send a stored procedure with parameters in the ajax data.

Below is my example; after sending it I get this error.

The apostrophes are the real problem. Any solution?

function sendData(userNameVal, procedureNameVal, jsonCallBackFunc) {
    var stringVal = "wsInsertData N'EXECUTE carInsert N''160655'',N''data:image/png;base64,AAAAAAAAAAAA'',N''18602''', N'18602'";

    $.ajax({
        type: "POST",
        url: 'helloService.asmx/myService',
        data: "{userName:\"" + userNameVal + "\",procedureName:\"" + stringVal + "\",callback:\"" + jsonCallBackFunc + "\",}",

        dataType: 'json',
        contentType: 'application/json; charset=utf-8',
        success: function (response) {
            $('#lblError').html(JSON.stringify(response));
        },
        error: function (error) {
            console.log(error);
        }
    });
}

Security! All it takes is a user to edit the JSON response to the server and add their own SQL, and they can make your SQL server do anything they want. Pass whatever parameters you need, and have the server construct the Stored Proc after sanitizing possible crazy inputs from the client.

Before "callback", you add a single quote, and that quote is never terminated.
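The approach recommended in the first answer, sketched as an added example that is not part of the original posts: the client sends only values, serialized with JSON.stringify, and the server picks the procedure from a fixed allowlist and validates each value before binding it as a parameter. The "insertCar" action key and the field names carId, imageDataUrl and userId are hypothetical; the server half is written in JavaScript for illustration, while on the ASMX side the same mapping would feed a parameterized stored procedure call.

```javascript
// Added example. Only the procedure name carInsert comes from the question;
// the action key and the parameter names are hypothetical.

// Client side: send values only and let JSON.stringify handle all quoting.
function buildRequestBody(userName, car) {
  return JSON.stringify({
    userName: userName,
    action: "insertCar",
    params: { carId: car.carId, imageDataUrl: car.imageDataUrl, userId: car.userId }
  });
}

// Server side (sketch): the procedure name comes from this allowlist, never
// from the request, and every value must match its expected shape.
const ALLOWED = {
  insertCar: {
    procedure: "carInsert",
    params: {
      carId: /^\d{1,10}$/,
      imageDataUrl: /^data:image\/png;base64,[A-Za-z0-9+\/]+={0,2}$/,
      userId: /^\d{1,10}$/
    }
  }
};

function toProcedureCall(body) {
  const req = JSON.parse(body);
  const known = Object.prototype.hasOwnProperty.call(ALLOWED, req.action);
  if (!known) throw new Error("unknown action");
  const spec = ALLOWED[req.action];
  const bound = {};
  for (const [name, pattern] of Object.entries(spec.params)) {
    const value = req.params ? req.params[name] : undefined;
    if (typeof value !== "string" || !pattern.test(value)) {
      throw new Error("invalid parameter: " + name);
    }
    bound["@" + name] = value; // bound as a parameter, never spliced into SQL text
  }
  return { procedure: spec.procedure, parameters: bound };
}
```

The returned object is what the server would hand to its database driver as a stored procedure name plus named parameters, so no apostrophe escaping is needed anywhere.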
