An old long article from MSDN talked about asp.net security model. I reread it quickly due to current existing project need feeling it was worth reading for each asp.net programmer if you want to deep

scenario: some forums without input well validated and guest message is allowed to input. step:leave the following code snippet <img src="http://google.com/images/logo.gif" onload="window.location='ht

Today, when I viewed Duwamish source code, I found this sqlserver option. I remembered in my program I always checked the @@error variable and then made decision to make sure the atomicy of the whole