[thelist] ColdFusion but mostly SQL question

lon.kraemer lwkraemer at directvinternet.com
Sun Jul 28 18:39:15 CDT 2002

Google 'sql injection'

----- Original Message -----
> I have a huge website with many form entries and url variables.  I
> realized that anybody can come along and insert sql code into my
> variables and have it executed.  What is the quickest and easiest way
> fix this?
> Is doing a replace() on ' the only way?

More information about the thelist mailing list