[thelist] Friday Freebie
Raymond Camden
rcamden at allaire.com
Wed Dec 27 07:26:11 CST 2000
>
> all the code you have above with the try/catch scenario is completely
> unnecessary because the cold fusion server will not throw an
> error when you
> try to param a value. if it's already defined (coming in from a
It _will_ throw an error, however, if url.x is not a number. Notice the
TYPE= part to my code? That forces the value to be a certain type.
Therefore, if the user mucks with the query string, and changes id=5 to
id=ray, they will get an error. (Of course, it's their fault, but normally
it's better to suppress things, and in this case, you may want to log an ip
to a security file or somesuch.)
=======================================================================
Raymond Camden, Principal Spectra Compliance Engineer for Allaire
Email : jedimaster at allaire.com
ICQ UIN : 3679482
"My ally is the Force, and a powerful ally it is." - Yoda
More information about the thelist
mailing list