[thelist] ColdFusion but mostly SQL question

lon.kraemer lwkraemer at directvinternet.com
Sun Jul 28 18:39:15 CDT 2002


Google 'sql injection'

----- Original Message -----
> I have a huge website with many form entries and url variables.  I
just
> realized that anybody can come along and insert sql code into my
> variables and have it executed.  What is the quickest and easiest way
I
> fix this?
>
> Is doing a replace() on ' the only way?





More information about the thelist mailing list