
Weird ' error

Posted: Thu Sep 24, 2009 9:20 am
by igavemybest
I am getting weird errors where the ' is placed somewhere in the URL. Any reason why that would happen? When I navigate my site it works fine.

Administration > Help > Error Log
View Error Log
Date Severity Message Debug Data
9/24/2009 5:50:29 AM Error An error has occured at http://www.safetekusa.com/shopping/Se´arch.aspx?m=47 The file '/shopping/Se´arch.aspx' does not exist.
9/24/2009 5:50:23 AM Error An error has occured at http://www.safetekusa.com/shopping/Co´ntactUs.aspx The file '/shopping/Co´ntactUs.aspx' does not exist.
9/24/2009 5:49:58 AM Error An error has occured at http://www.safetekusa.com/shopping/keyr ... t=3b94354f Path '/shopping/keyriptResource.axd' was not found.
9/24/2009 5:49:57 AM Error An error has occured at http://www.safetekusa.com/shopping/Alle ... ductId=100 The file '/shopping/Allegro-8-Plastic-RU4zàÙÝÐ/Product.aspx' does not exist.
9/24/2009 5:49:57 AM Error An error has occured at http://www.safetekusa.com/shopping/Scri ... t=3b94354f Path '/shopping/ScriptResourc´e.axd' was not found.
9/24/2009 5:49:56 AM Error An error has occured at http://www.safetekusa.com/shopping/Scri ... t=5ff53921 Invalid character in a Base-64 string.
9/24/2009 5:49:54 AM Error An error has occured at http://www.safetekusa.com/shopping/WebR ... 9130991575 Invalid character in a Base-64 string.
9/24/2009 5:49:50 AM Error An error has occured at http://www.safetekusa.com/shopping/WebR ... 9130991575 Path '/shopping/WebResource´.axd' was not found.
9/24/2009 5:49:48 AM Error An error has occured at http://www.safetekusa.com/shopping/WebR ... 9130991575 Invalid character in a Base-64 string.
9/24/2009 5:49:47 AM Error An error has occured at http://www.safetekusa.com/shopping/Scri ... t=5ff53921 Invalid character in a Base-64 string.
9/24/2009 5:49:45 AM Error An error has occured at http://www.safetekusa.com/shopping/Scri ... t=5ff53921 Invalid character in a Base-64 string.
9/24/2009 5:49:13 AM Error An error has occured at http://www.safetekusa.com/shopping/Scri ... t=3b94354f Invalid character in a Base-64 string.
9/24/2009 5:48:56 AM Error An error has occured at http://www.safetekusa.com/shopping/Def´ault.aspx The file '/shopping/Def´ault.aspx' does not exist.
9/24/2009 5:48:54 AM Error An error has occured at http://www.safetekusa.com/shopping/WebR ... 9130991575 Invalid character in a Base-64 string.
9/24/2009 5:48:52 AM Error An error has occured at http://www.safetekusa.com/shopping/WebR ... y-C1qHTuPt Invalid viewstate.
9/24/2009 5:48:28 AM Error An error has occured at http://www.safetekusa.com/shopping/ALTA ... -P´82.aspx The file '/shopping/ALTAIR-Maintenance-Free-Single-Gas-Detector-P´82.aspx' does not exist.

Re: Weird ' error

Posted: Thu Sep 24, 2009 10:41 am
by afm
My guess is that this is a bad attempt at SQL injection (a kind of hack).

Re: Weird ' error

Posted: Thu Sep 24, 2009 10:56 am
by igavemybest
All queries are executed as stored procedures with AC7, correct?

And bad is right... you think they'd at least try something that makes sense, unless it is a spider of some kind.

Re: Weird ' error

Posted: Thu Sep 24, 2009 11:46 am
by Mike718NY
igavemybest wrote: All queries are executed as stored procedures with AC7, correct?
No. AC7 doesn't use sprocs.

Re: Weird ' error

Posted: Thu Sep 24, 2009 3:47 pm
by jmestep
I had something similar on a site with the MSN spider. It wasn't apostrophes, but it was creating garbage URLs. I got the abuse email address from Whois for the IP address and sent an email, and they stopped the spider. I was surprised to even get a reply.

Re: Weird ' error

Posted: Thu Sep 24, 2009 4:49 pm
by igavemybest
Mike718NY wrote:
igavemybest wrote: All queries are executed as stored procedures with AC7, correct?
No. AC7 doesn't use sprocs.
Is there a reason why? I would think that is SQL injection protection 101.

Re: Weird ' error

Posted: Thu Oct 15, 2009 4:12 am
by mazhar
Please read the discussion in the following bug report. You can also apply the patch for your 7.0.3 store from this bug report:
http://bugs.ablecommerce.com/show_bug.cgi?id=8285
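
To triage an error log like the one in the first post, the entries can be grouped by error type and checked for non-ASCII characters in the requested path. This is an added example, not part of the thread or of AbleCommerce; the sample lines are constructed in the same format with a placeholder host, and the function names and category labels are assumptions.

```python
import re
from collections import Counter
from datetime import datetime
from urllib.parse import urlsplit

# Constructed sample in the error-log format quoted in the first post (placeholder host).
SAMPLE_LOG = """\
9/24/2009 5:50:29 AM Error An error has occured at http://example.com/shopping/Se\u00b4arch.aspx?m=47 The file '/shopping/Se\u00b4arch.aspx' does not exist.
9/24/2009 5:50:23 AM Error An error has occured at http://example.com/shopping/Co\u00b4ntactUs.aspx The file '/shopping/Co\u00b4ntactUs.aspx' does not exist.
9/24/2009 5:49:56 AM Error An error has occured at http://example.com/shopping/ScriptResource.axd?d=abc Invalid character in a Base-64 string.
9/24/2009 5:48:56 AM Error An error has occured at http://example.com/shopping/Def\u00b4ault.aspx The file '/shopping/Def\u00b4ault.aspx' does not exist.
9/24/2009 5:48:52 AM Error An error has occured at http://example.com/shopping/WebResource.axd?d=xyz Invalid viewstate.
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M) \w+ "
    r"An error has occur+ed at (?P<url>\S+) (?P<msg>.+)$")

# Message substring -> category label (labels are this example's own).
KINDS = [("Base-64", "bad_base64"), ("viewstate", "bad_viewstate"),
         ("does not exist", "missing_path"), ("was not found", "missing_path")]

def parse(log_text):
    """Return one record per matching line; 'cleaned' is the path minus non-ASCII chars."""
    records = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip headers and blank lines
        path = urlsplit(m["url"]).path
        records.append({
            "time": datetime.strptime(m["ts"], "%m/%d/%Y %I:%M:%S %p"),
            "path": path,
            "kind": next((k for s, k in KINDS if s in m["msg"]), "other"),
            "cleaned": "".join(c for c in path if ord(c) < 128),
            "mangled": any(ord(c) > 127 for c in path),
        })
    return records

def summarize(records):
    """Counts by error kind, mangled-path count, and the burst duration in seconds."""
    times = [r["time"] for r in records]
    return {
        "total": len(records),
        "kinds": Counter(r["kind"] for r in records),
        "mangled": sum(r["mangled"] for r in records),
        "span_seconds": (max(times) - min(times)).total_seconds() if times else 0,
    }
```

Comparing each `cleaned` path against the site's real page names shows whether the requests are existing links with a stray character inserted. Correlating the flagged timestamps with the web server's access log gives the source IP and user agent behind the burst.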