<% 'Dim queryStringsL, params, values, indx, cnt, badParam badParam = false queryStringsL = Request.ServerVariables("QUERY_STRING") queryStringsL = LCase(queryStringsL) For Each indx in Request.Form queryStringsL = queryStringsL + LCase(Request.Form(indx)) Next 'check for * if InStr(queryStringsL, "%2a") > 0 or InStr(queryStringsL, "*") > 0 then badParam = true end if 'check for <, =, > if InStr(queryStringsL, "%3c") > 0 or InStr(queryStringsL, "%3d") > 0 or InStr(queryStringsL, "%3e") > 0 or InStr(queryStringsL, ">") > 0 or InStr(queryStringsL, "<") > 0 then badParam = true end if 'check for a combination of delete and from if InStr(queryStringsL, "delete") > 0 and InStr(queryStringsL, "from") > 0 then badParam = true end if 'check for a combination of update and set if InStr(queryStringsL, "update") > 0 and InStr(queryStringsL, "set") > 0 then badParam = true end if 'check for insert into if InStr(queryStringsL, "insert") > 0 and InStr(queryStringsL, "into") > 0 then badParam = true end if if InStr(queryStringsL, "load_file") > 0 then badParam = true end if 'check for .exe, .dll, ;, exec if InStr(queryStringsL, ".exe") > 0 or InStr(queryStringsL, "exec") > 0 or InStr(queryStringsL, ".dll") > 0 or InStr(queryStringsL, ";") > 0 or InStr(queryStringsL, "%3b") > 0 then badParam = true end if 'check for use, select, create and drop if InStr(queryStringsL, "use") > 0 or InStr(queryStringsL, "create") > 0 or InStr(queryStringsL, "drop") > 0 or InStr(queryStringsL, "select") > 0 then badParam = true end if if InStr(queryStringsL, "varchar") > 0 Or InStr(queryStringsL, "declare") > 0 Or InStr(queryStringsL, "cast") > 0 Then badParam = true End If ' Added May 29 2008 '--------------------- if InStr(queryStringsL, "and exists") > 0 then badParam = true end if if InStr(Replace(queryStringsL," ",""), "1=1") > 0 OR InStr(Replace(queryStringsL," ",""), "1=2") > 0 then badParam = true end if if InStr(queryStringsL, "char(124)") > 0 then badParam = true end if ' end of May 29 2008 Addition '-------------------------------------------------------- if badParam = true then response.Redirect("http://www.artinstitutes.com/404z.htm") end if %>
Education Management Corporation Contact Us Site Map Privacy Policy
About EDMC Programs & Campuses Investor Relations Newsroom Employment

>Home:     >About EDMC     >Officers    
Welcome
Corporate Profile
Community Service
History
Officers
Directors
Officers

Education Management Corporation has a long track record of growth and profitability. That record has been established, in part, as a result of the efforts of our top management, who have significant experience in the education industry.


John R. McKernan, Jr.
Todd S. Nelson
Edward H. West

Robert A. Carroll
Joe Charlson
Danny Finuf

John Mazzoni
Stacey Sauchuk
John South

Craig D. Swenson
Roberta Troike
Stephen Weiss