The Atlanta CFUG discussed SQL injection at its last meeting. Here is a
script I wrote for removing all SQL injection from FORM and URL scopes. You
could either put this in a file and include it in your Application.CFM or
turn it into a Function and put it in a CFC and Invoke it from the
Application.CFM. With this done, POOF!!, no SQL Injection! At least not
from the FORM or URL scopes.
Test it here: http://www.dynapp.net/_test.cfm
Let me know if you have any feedback or suggestions.
THANKS!!
Wes
See Script Below