Your search for SQL Injection returned 12 results.
This is page 1 of 2
Umbraco backup public beta 2 is available available from the Project homepage.
This new version allows complete SQL server data backup even if your SQL server is remote from the webserver and you don't have the permissions of a SQL server backup operator.
Willison gave a
good presentation on security. He talked about XSS and SQL
Injection which we should all know about but also CSRF
Jacking. If you aren't familiar with the latter then you should
be. In summary, consider the following
Will be my first commercial product featuring, one click backup
of files, ACLs and SQL server data.
Using the Umbraco backup XML mode SQL server restore tool, you can develop a site on your local host running SQL server 2005 express and then migrate that database to SQL 2K on a shared hosting environment with just a couple of quick dos commands (any Umbraco supported version to any other version is fine).
This only works if you are using a version of SQL server and have access to a command prompt on your server. I was looking for a way to source control DB backups and quickly copy my database between development, QA and production environments. Start with the following in a file called backup.sql - obviously change the database name. use master
In the same folder create a file backup2.sql - again the database name and paths to your SQL server install are key. use master
'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\databasename.mdf',
'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\databasename_log.ldf'
Next create a file
in SQL server you can backup and restore and keep the database alive. I'd previously had problems with this, but finally sat down and worked through all of these issues so I now have a solution to share.
The backup database command is simple... existing data files. The move statements allow you to place your data and log files in new locations if the SQL server install directory is different from the server where the backup was taken.
If you are unsure of the names of the original data files which are provided as arguments to 'move' then you can run the following SQL against you db backup.
restore filelistonly from disk = 'd:\umbraco.bak'
The value you are interested in is the Logical Name column.
I'm now at a state
that you usually
get post install.As the forum thread explains this seems to be an issue
introduced in Umbraco 4.5.x where the content cache can't be
created on startup if SQL server is unavailable (I presume it just
fell back to the old cache in previous versions). I was getting the
issue on a regular basis as my hosting provider had enabled my
server to auto restart after installing windows updates. When the
server started up there was a race condition between the SQL server
and IIS services - more often than not IIS would start first and
SQL would not be available.The solution was to Republish the cache manually via the Umbraco
GUI once all services were up. Not wanting to have to do this every
time I delved into the source
Many thanks to Morten aka @sitereactor for the code snippet that makes this work.
At Moriyama, we are a fan of automating the boring stuff so we can spend as much time as possible doing the interesting stuff such as testing Belle (Umbraco 7). We decided to automate Belle installation, so we can set up environments really quickly.
Our weapon of choice for automation is NAnt, a .NET build tool which is ideal for automating tasks like downloading files, extracting zip files etc. We set about building a Belle installer based on our existing NAnt backup and restore script.
We hit a blocker when we tried to automate creating an empty Umbraco database. There isn't an SQL script nowadays. Thankfully Morten provided us with this code snippet
out a form in the last 20 minutes.
But do we really want to implement custom dashboards that allow CSV exports of custom database tables? Does anyone enjoy writing SQL? Well I can’t stand it.We decided to keep the back office part of contour
if you are interested – but at this point we should be discarding historical versions of content and information about who authored it – because the deployment and the runtime circles just don’t care about this.
I’m not into having