Take this example, I hae a Gridview that is bound to a SqlDataSource that has a Select statment which uses a Request Parameter in it's where clause.
If this data is of the correct format everything works fine. However If the input is not the integer that I was expecting but a string of random characters, How do I Trap this before it throws an exception and fails?
I've considered Hooking the Selecting event on the SqlDataSource and canceling the command if the paramter is not of the correct format.
Which is the best event to hook?
Should I hook an event on the SqlDataSource or on the Gridview?
Or should I Hook one of the page load events and do soemthing? (If so what should that be?)
Does anyone have any better solutions?
The Background is that I seem to be the target of a strange web crawler or bot, it goes through all the pages in my site, when it spots a link with a "ID" Parameter it repeats the request But replacing the value with a string like "
http://www.filter-international.com/webservice/aro/medavuw/" Each "Attack" uses the same url, but next time the site is "Crawled" a differnt url is present. Does anyone have any info as to what someone is trying to achive by doing this?
Start Free Trial
