[thelist] RE: <CFINCLUDE> INSIDE <CFQUERY OUTPUT>?
.jeff
jeff at members.evolt.org
Fri Nov 30 19:11:37 CST 2001
mle,
><><><><><><><><><><><><><><><><><><><><><><><><><><><><><
> From: mle
>
> My url variables retained this space and barfed the
> INCLUDE.
><><><><><><><><><><><><><><><><><><><><><><><><><><><><><
so were you seeing "?include=%20myfile.cfm" in the url?
i hope you're not passing the file to include directly in the url. if so,
you're opening up a major security hole into your website. suppose i wanted
to shut your site down. say i'm visiting /sales.cfm. all i'd have to do is
pass "/sales.cfm" as the include file and you'd have an infinite loop that'd
take the machine down.
if that's not what you're doing then nevermind. ;)
.jeff
http://evolt.org/
jeff at members.evolt.org
http://members.evolt.org/jeff/
More information about the thelist
mailing list