> Hey Dave,
> CF has what you're working on built in.
> So users can't enter html: htmlEditFormat()
> So users can't enter scripts: <cfqueryparam>
> -joe
Well technically htmleditformat() prevents them from entering scripts
(I think he meant JavaScript in his original email) because it
prevents them from entering html... cfqueryparam prevents them using
sql injection attacks against numeric fields in your database.
I could be misunderstanding the context tho. :)
s. isaac dealey 954.927.5117
new epoch : isn't it time for a change?
add features without fixtures with
the onTap open source framework
http://www.sys-con.com/story/?storyid=44477&DE=1
http://www.sys-con.com/story/?storyid=45569&DE=1
http://www.fusiontap.com
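
The distinction drawn in the reply above, shown as an added example that is not part of the original thread: `cfqueryparam` binds input on the way into the database, and `htmlEditFormat()` escapes it on the way out to the page. The datasource `appDSN`, the `comments` table and the form field names are hypothetical.

```cfml
<!--- Added example; datasource "appDSN" and table "comments" are hypothetical. --->
<cfparam name="form.postId" default="0">
<cfparam name="form.body" default="">

<cfif structKeyExists(form, "submit")>
  <!--- cfqueryparam sends each value as a typed bind parameter, so the input
        is never parsed as SQL. A non-integer postId raises an error here. --->
  <cfquery datasource="appDSN">
    INSERT INTO comments (post_id, body)
    VALUES (
      <cfqueryparam value="#form.postId#" cfsqltype="cf_sql_integer">,
      <cfqueryparam value="#form.body#" cfsqltype="cf_sql_varchar" maxlength="2000">
    )
  </cfquery>
</cfif>

<cfquery name="getComments" datasource="appDSN">
  SELECT body
  FROM comments
  WHERE post_id = <cfqueryparam value="#form.postId#" cfsqltype="cf_sql_integer">
</cfquery>

<!--- htmlEditFormat() escapes <, >, & and " at output time, so stored markup
      such as a script tag is displayed as text instead of being interpreted. --->
<cfoutput query="getComments">
  <p>#htmlEditFormat(getComments.body)#</p>
</cfoutput>
```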