[thelist] OT: Security Clearances
Scott Brady
evolt at scottbrady.net
Thu Jan 31 16:06:00 CST 2002
I've come across quite a few job listings lately where a current security
clearance is a requirement.
My question is this:
Is there a way to get a government security clearance without having to
already have a job that requires one? (Kind of like how employers want
experience, but the only way to get experience is to have a job . . . )
<tip type="cfqueryparam">
Query paramaters are a good way to ensure data integrity when doing queries
(and they're good for security). They accomplish several things:
1) If the field is a string value, it will take care of the quotes for you
[and take care of escaping the single quotes in your data]
2) They help prevent the dreaded security problem of someone adding a query
command to their own data (using a semi-colon)
3) They can help performance with query caching.
Usage:
<cfquery name="theQuery" datasource="#Request.myDSN#">
SELECT
user_name
FROM
userTbl
WHERE
user_id = <cfqueryparam value="#Form.user_id#"
cfsqltype="CF_SQL_INTEGER">
</cfquery>
How does this help with caching? To a database, such as Oracle, this query
looks the same no matter what the value for #Form.user_id# is. So, any time
this query is run [following the first time], it should execute faster.
</tip>
Scott
----------------------------------------------
Scott Brady
http://www.scottbrady.net/
More information about the thelist
mailing list