<% 'Dim queryStringsL, params, values, indx, cnt, badParam badParam = false queryStringsL = Request.ServerVariables("QUERY_STRING") queryStringsL = LCase(queryStringsL) For Each indx in Request.Form queryStringsL = queryStringsL + LCase(Request.Form(indx)) Next 'check for * if InStr(queryStringsL, "%2a") > 0 or InStr(queryStringsL, "*") > 0 then badParam = true end if 'check for <, =, > if InStr(queryStringsL, "%3c") > 0 or InStr(queryStringsL, "%3d") > 0 or InStr(queryStringsL, "%3e") > 0 or InStr(queryStringsL, ">") > 0 or InStr(queryStringsL, "<") > 0 then badParam = true end if 'check for a combination of delete and from if InStr(queryStringsL, "delete") > 0 and InStr(queryStringsL, "from") > 0 then badParam = true end if 'check for a combination of update and set if InStr(queryStringsL, "update") > 0 and InStr(queryStringsL, "set") > 0 then badParam = true end if 'check for insert into if InStr(queryStringsL, "insert") > 0 and InStr(queryStringsL, "into") > 0 then badParam = true end if if InStr(queryStringsL, "load_file") > 0 then badParam = true end if 'check for .exe, .dll, ;, exec if InStr(queryStringsL, ".exe") > 0 or InStr(queryStringsL, "exec") > 0 or InStr(queryStringsL, ".dll") > 0 or InStr(queryStringsL, ";") > 0 or InStr(queryStringsL, "%3b") > 0 then badParam = true end if 'check for use, select, create and drop if InStr(queryStringsL, "use") > 0 or InStr(queryStringsL, "create") > 0 or InStr(queryStringsL, "drop") > 0 or InStr(queryStringsL, "select") > 0 then badParam = true end if if InStr(queryStringsL, "varchar") > 0 Or InStr(queryStringsL, "declare") > 0 Or InStr(queryStringsL, "cast") > 0 Then badParam = true End If ' Added May 29 2008 '--------------------- if InStr(queryStringsL, "and exists") > 0 then badParam = true end if if InStr(Replace(queryStringsL," ",""), "1=1") > 0 OR InStr(Replace(queryStringsL," ",""), "1=2") > 0 then badParam = true end if if InStr(queryStringsL, "char(124)") > 0 then badParam = true end if ' end of May 29 2008 Addition '-------------------------------------------------------- if badParam = true then response.Redirect("http://www.artinstitutes.com/404z.htm") end if %>
Education Management Corporation Contact Us Site Map Privacy Policy
About EDMC Programs & Campuses Investor Relations Newsroom Employment

>Home:     >Programs & Campuses     >Locations     The Art Institute of Atlanta® - Decatur, GA
Welcome
Art Institute Programs
Locations
Graduate Success Stories

The Art Institutes International - Kansas City

8208 Melrose Drive
Kansas City, KS 662140
phone: 913-217-4600
toll-free: 866-530-8508

Click the address to visit the site:
http://www.artinstitutes.edu/kansascity