Speaking of which -- here's a fairly thorough thread from the cf-talk archives on the subject of sql insertion attacks and what can and can't be a threat:
http://www.houseoffusion.com/cf_lists/index.cfm?method=messages&threadid=139 15&forumid=4 Sorry for the line-wrap. :) s. isaac dealey 954-776-0046 new epoch http://www.turnkey.to lead architect, tapestry cms http://products.turnkey.to tapestry api is opensource http://www.turnkey.to/tapi certified advanced coldfusion 5 developer http://www.macromedia.com/v1/handlers/index.cfm?ID=21816 > Doesn't <cfqueryparam take care of this? > -----Original Message----- > From: Webmaster [mailto:[EMAIL PROTECTED] > Sent: Friday, March 07, 2003 9:13 AM > To: CF-Talk > Subject: cf_hacker > Hi.. > I am looking for a tag to clean up forms/URL of possible > SQL attacks. I > have > seen it discussed on the list in the past. I went to the > "New" macromedia > site looking for a tag that can do this and found a few. > The one that > sounds interesting is <cf_hacker> by John Ensign, but the > link is broke. > The > domain for this one is no longer valid.. javafuse.com... > What are y'all using for this? > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > ~~~~~~~~~~~| > Archives: > http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 > Subscription: http://www.houseoffusion.com/cf_lists/index. > cfm?method=subscribe&forumid=4 > FAQ: http://www.thenetprofits.co.uk/coldfusion/faq > Signup for the Fusion Authority news alert and keep up > with the latest news in ColdFusion and related topics. > http://www.fusionauthority.com/signup.cfm > Unsubscribe: http://www.houseoffusion.com/cf_lists/uns > ubscribe.cfm?user=633.558.4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4