AI OnAI Off
SQL injection exception when creating dynamic data store
The storeName will use the full namespace of your ProjectVisits class. Does this contain any special characters? I think that only characters a-z, 0-9, '.', and '_' are allowed for security reasons
Oct 20, 2011 13:10
Guess ProjectVisits is a class defined inside another class. That will mess up the namespace with _
just move the class outside and dont have any spesial characters in the namespace
Oct 20, 2011 14:04
Hello and thanks for your reply! I had invalid characters in the namespace, so I provided a name for the store and the problem was solved.
Oct 20, 2011 15:04
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
Hello!
I'm trying to create a Dynamic Data Store in Episerver CMS6 to store number of visits to certain pages, but I'm getting the following exception:
Exception Details: System.ArgumentException: Contains potentially dangerous (SQL Injection) characters
Parameter name: storeName
My code looks like this:
protected List<ProjectVisits> GetProjectsVisitsInfo()
{
var store = DynamicDataStoreFactory.Instance.GetStore(typeof(ProjectVisits));
if (store == null)
{
DynamicDataStoreFactory.Instance.CreateStore(typeof(ProjectVisits));
return new List<ProjectVisits>();
}
return store.LoadAll<ProjectVisits>().ToList();
}
public class ProjectVisits:IDynamicData
{
public string LinkURL { get; set; }
public int NumberOfVisits { get; set; }
public int PageID { get; set; }
public EPiServer.Data.Identity Id
{
get;
set;
}
}
The exception occurs specifically when I try to create the store. Any ideas?
Thanks!
/Kenia