[thelist] Website Database Security
rudy
r937 at interlog.com
Thu May 3 16:05:15 CDT 2001
> I believe a link to an article was posted here a little while ago that
> outlined several SQL threats to look out for and possible ways around
> them. It was a general article but the examples and solutions used
> ColdFusion, any idea of where that article was located?
hi chris
if you have downloaded the 4.5 documentation, there's a good example at
this relative location (watch for wrap) --
/cfdocs45/CFML_Language_Reference/2_ColdFusion_Tags/lr2_074.htm#2191756
this is the CFQUERYPARAM tag and the example shows how someone
might try to append another sql command after a semicolon in an input
variable, and how cfqueryparam cuts that off
rudy.ca
More information about the thelist
mailing list