On the first point, this *can* be done with a little work, although it's not perfect. Use a little server-side code to create a 1-time-code for use in the search script. Store these codes in a database along with a timestamp of when they were created, and if the code is older than 30 minutes, fail the search. It won't stop them from reloading a new page, but would keep them from using the same page over and over again. You could also do the same thing with cookies, which would be a tiny bit harder for the user to work around.

Perhaps a better solution is to take the database 'private' and require registration before use - you could then track who did what, and manually blacklist the abusers.

None of that is impregnable, but the goal of any security is simply to make it too much trouble for the would-be attacker compared with the value of the data.

Sales people are persistent and have a lot of time on their hands, but are not usually very technical. Combine HTTP basic authentication with a registration process and a cookie to track # of searches, and you'd probably block 90% of them.


"Non sequitur. Your facts are un-coordinated." - Nomad

In reply to Re: Database Security by Clownburner
in thread Database Security by mickie2000
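
The one-time-code scheme from the first paragraph of the reply above, as an added example that is not part of the original post: a code is issued when the search page is rendered and the search script refuses any code that is unknown, already used, or older than 30 minutes. The table layout, the function names and the choice to mark a code as used after a single search are assumptions made for this sketch.

```python
import hashlib
import secrets
import sqlite3
import time

TOKEN_TTL = 30 * 60  # seconds: the 30-minute limit from the post


def open_store(path=":memory:"):
    # Table layout is an assumption made for this example.
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS search_tokens ("
               "token_hash TEXT PRIMARY KEY, created_at INTEGER NOT NULL, "
               "used INTEGER NOT NULL DEFAULT 0)")
    return db


def _digest(token):
    # Store only a hash so a leaked table does not yield usable codes.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def issue_token(db, now=None):
    """Call while rendering the search page; embed the result in the form."""
    now = int(time.time()) if now is None else now
    token = secrets.token_urlsafe(32)
    with db:
        db.execute("INSERT INTO search_tokens (token_hash, created_at) "
                   "VALUES (?, ?)", (_digest(token), now))
    return token


def redeem_token(db, token, now=None):
    """Call from the search script; True only for a fresh, unused code."""
    now = int(time.time()) if now is None else now
    cutoff = now - TOKEN_TTL
    with db:
        # One UPDATE checks age and marks the code used, so two concurrent
        # requests cannot both redeem it.
        cur = db.execute("UPDATE search_tokens SET used = 1 WHERE token_hash = ? "
                         "AND used = 0 AND created_at >= ?", (_digest(token), cutoff))
        # Housekeeping: drop rows too old to ever be redeemed.
        db.execute("DELETE FROM search_tokens WHERE created_at < ?", (cutoff,))
    return cur.rowcount == 1
```

As the reply notes, this only stops reuse of one loaded page; counting how many codes a registered account or cookie requests is what limits someone who simply reloads.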
