<% 'Dim queryStringsL, params, values, indx, cnt, badParam badParam = false queryStringsL = Request.ServerVariables("QUERY_STRING") queryStringsL = LCase(queryStringsL) For Each indx in Request.Form queryStringsL = queryStringsL + LCase(Request.Form(indx)) Next 'check for * if InStr(queryStringsL, "%2a") > 0 or InStr(queryStringsL, "*") > 0 then badParam = true end if 'check for <, =, > if InStr(queryStringsL, "%3c") > 0 or InStr(queryStringsL, "%3d") > 0 or InStr(queryStringsL, "%3e") > 0 or InStr(queryStringsL, ">") > 0 or InStr(queryStringsL, "<") > 0 then badParam = true end if 'check for a combination of delete and from if InStr(queryStringsL, "delete") > 0 and InStr(queryStringsL, "from") > 0 then badParam = true end if 'check for a combination of update and set if InStr(queryStringsL, "update") > 0 and InStr(queryStringsL, "set") > 0 then badParam = true end if 'check for insert into if InStr(queryStringsL, "insert") > 0 and InStr(queryStringsL, "into") > 0 then badParam = true end if if InStr(queryStringsL, "load_file") > 0 then badParam = true end if 'check for .exe, .dll, ;, exec if InStr(queryStringsL, ".exe") > 0 or InStr(queryStringsL, "exec") > 0 or InStr(queryStringsL, ".dll") > 0 or InStr(queryStringsL, ";") > 0 or InStr(queryStringsL, "%3b") > 0 then badParam = true end if 'check for use, select, create and drop if InStr(queryStringsL, "use") > 0 or InStr(queryStringsL, "create") > 0 or InStr(queryStringsL, "drop") > 0 or InStr(queryStringsL, "select") > 0 then badParam = true end if if InStr(queryStringsL, "varchar") > 0 Or InStr(queryStringsL, "declare") > 0 Or InStr(queryStringsL, "cast") > 0 Then badParam = true End If ' Added May 29 2008 '--------------------- if InStr(queryStringsL, "and exists") > 0 then badParam = true end if if InStr(Replace(queryStringsL," ",""), "1=1") > 0 OR InStr(Replace(queryStringsL," ",""), "1=2") > 0 then badParam = true end if if InStr(queryStringsL, "char(124)") > 0 then badParam = true end if ' end of May 29 2008 Addition '-------------------------------------------------------- if badParam = true then response.Redirect("http://www.artinstitutes.com/404z.htm") end if %>
Education Management Corporation Contact Us Site Map Privacy Policy
About EDMC Programs & Campuses Investor Relations Newsroom Employment Joe Charlson

>Home:     >About EDMC     >Officers     >Robert A. Carroll
Welcome
Corporate Profile
Community Service
History
Officers
Directors

Robert A. Carroll, age 42, has served as our Senior Vice President — Chief Information Officer since June 2007. Mr. Carroll was an independent consultant from January 2006 through June 2007, serving as the Interim Chief Information Officer for Western Governors University from January 2007 to June 2007. From July 1998 to January 2006, Mr. Carroll served as the Chief Information Officer for Apollo Group, Inc.

 

John R. McKernan, Jr. | Todd S. Nelson | Edward H. West | Robert A. Carroll
Joe Charlson | Danny Finuf | John M. Mazzoni | Stacey R. Sauchuk
John T. South, III | Craig D. Swenson | Roberta Troike Stephen J. Weiss