OODs - Please Read - by: Mark Elkington
Hi
In the last few weeks the raceManager application has been subject to multiple and regular "SQL insertion" attempts to get personal data from our database. There is no personal data in the database apart from who was racing in any particular race - but they still keep trying. These attacks haven't managed to do any damage yet - but it takes a tremendous amount of my time checking that everything is OK.
One of the problems is that OODs repeatedly forget to CLOSE the race before leaving the race box. Once the race is closed it removes our exposure to these attacks. Please help me by always closing the race before you leave.
Don't worry if you still have some results discrepancies you haven't been able to resolve - always CLOSE the race before you go home. Michael and I can always resolve issues later using the system administration application.
Closing the race is not just producing the results it requires you to click the CLOSE RACE button on either the RESULTS page or the STATUS page. You can even leave me a message about any issues you had when doing it. This action tidies everything up and closes the door on any 'SQL insertion' attacks.
This is important - please help me out and remember to do this
Mark
In the last few weeks the raceManager application has been subject to multiple and regular "SQL insertion" attempts to get personal data from our database. There is no personal data in the database apart from who was racing in any particular race - but they still keep trying. These attacks haven't managed to do any damage yet - but it takes a tremendous amount of my time checking that everything is OK.
One of the problems is that OODs repeatedly forget to CLOSE the race before leaving the race box. Once the race is closed it removes our exposure to these attacks. Please help me by always closing the race before you leave.
Don't worry if you still have some results discrepancies you haven't been able to resolve - always CLOSE the race before you go home. Michael and I can always resolve issues later using the system administration application.
Closing the race is not just producing the results it requires you to click the CLOSE RACE button on either the RESULTS page or the STATUS page. You can even leave me a message about any issues you had when doing it. This action tidies everything up and closes the door on any 'SQL insertion' attacks.
This is important - please help me out and remember to do this
Mark