I don't think it's going to matter, because CF is generating the doubled up
single quotes that are sent to the db. Here are a few combinations:
http://192.168.0.100/experiments/temp/queries.cfm?user_id=1\'
getuser (Records=0, Time=0ms)
SQL =
select first_name
from users
where user_id='1\'''

http://192.168.0.100/experiments/temp/queries.cfm?user_id=\'1\'
getuser (Records=0, Time=0ms)
SQL =
select first_name
from users
where user_id='\''1\'''

http://192.168.0.100/experiments/temp/queries.cfm?user_id=1'
getuser (Records=0, Time=0ms)
SQL =
select first_name
from users
where user_id='1'''

http://192.168.0.100/experiments/temp/queries.cfm?user_id=1''
getuser (Records=0, Time=0ms)
SQL =
select first_name
from users
where user_id='1'''''

http://192.168.0.100/experiments/temp/queries.cfm?user_id='1
getuser (Records=0, Time=0ms)
SQL =
select first_name
from users
where user_id='''1'

-----Original Message-----
From: Jochem van Dieten [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 24, 2004 10:10 AM
To: CF-Talk
Subject: Re: why are procedures better?
Steve Nelson wrote:
> http://192.168.0.100/experiments/temp/queries.cfm?user_id=\'1\'
Why are you using a backslash - single quote combination twice?
It won't work that way and I only had one.
Please try exactly the following link against a database that
supports C-style escaping:
http://192.168.0.100/experiments/temp/queries.cfm?user_id=1\'
Jochem
--
I don't get it
immigrants don't work
and steal our jobs
- Loesje
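
Added example, not part of either poster's message: a small Python model of how a string-literal lexer reads the query after the quote doubling described above, once under standard SQL rules and once under C-style backslash escaping, run over the five `user_id` values from the debug output. The function names and the simplified lexer are assumptions made for illustration.

```python
# Added illustration: simplified model of a SQL string-literal lexer.
PREFIX = "select first_name from users where user_id='"

# The five user_id values shown in the debug output on this page.
PAGE_INPUTS = ["1\\'", "\\'1\\'", "1'", "1''", "'1"]

def double_quotes(value):
    """Model of the escaping described in the thread: every ' becomes ''."""
    return value.replace("'", "''")

def literal_end(sql, start, c_style):
    """Index just past the quote that closes the literal opened at sql[start],
    or None if the literal never closes."""
    i = start + 1
    while i < len(sql):
        if c_style and sql[i] == "\\":
            i += 2            # backslash escapes the next character
        elif sql[i] == "'":
            if sql[i + 1:i + 2] == "'":
                i += 2        # '' is one literal quote in both dialects
            else:
                return i + 1  # closing quote
        else:
            i += 1
    return None

def classify(value, c_style):
    """How the database reads the literal built from `value`."""
    sql = PREFIX + double_quotes(value) + "'"
    end = literal_end(sql, len(PREFIX) - 1, c_style)
    if end is None:
        return "unterminated"
    return "contained" if end == len(sql) else "ends early"

def report():
    return [(v, classify(v, False), classify(v, True)) for v in PAGE_INPUTS]

if __name__ == "__main__":
    for value, standard, c_style in report():
        print(f"{value!r:10} standard={standard:12} c_style={c_style}")
```

Only the values containing a backslash change outcome, and only under C-style escaping; passing the value as a bound parameter (`cfqueryparam` in ColdFusion) keeps it out of the lexer entirely.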