> CF has what you're working on built in.
> So users can't enter html: htmlEditFormat()
> So users can't enter scripts: <cfqueryparam>
> -joe
Well technically htmleditformat() prevents them from entering scripts
(I think he meant javascript in his original email) because it
prevents them from entering html... cfqueryparam prevents them using
sql injection attacks against numeric fields in your database.
I could be misunderstanding the context tho. :)
s. isaac dealey 954.927.5117
new epoch : isn't it time for a change?
add features without fixtures with
the onTap open source framework
http://www.sys-con.com/story/?storyid=44477&DE=1
http://www.sys-con.com/story/?storyid=45569&DE=1
http://www.fusiontap.com
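
The two tags discussed in this thread, shown where each one applies. This is an added example, not code from either poster; the datasource `myDSN`, the `comments` table and its column names are assumptions.

```cfml
<!--- Added example: datasource, table and column names are hypothetical. --->
<cfparam name="url.articleId" default="0">
<cfparam name="form.author" default="">
<cfparam name="form.body" default="">

<!--- Storing input: every user-supplied value is bound with cfqueryparam,
      so it is sent to the database as a typed parameter, never as SQL text. --->
<cfif len(trim(form.body))>
    <cfquery datasource="myDSN">
        INSERT INTO comments (article_id, author, body)
        VALUES (
            <cfqueryparam value="#url.articleId#" cfsqltype="cf_sql_integer">,
            <cfqueryparam value="#form.author#" cfsqltype="cf_sql_varchar" maxlength="50">,
            <cfqueryparam value="#form.body#" cfsqltype="cf_sql_longvarchar">
        )
    </cfquery>
</cfif>

<!--- Reading: a url.articleId that is not an integer fails cfqueryparam's
      type validation and throws, instead of changing the WHERE clause. --->
<cfquery name="getComments" datasource="myDSN">
    SELECT author, body
    FROM comments
    WHERE article_id = <cfqueryparam value="#url.articleId#" cfsqltype="cf_sql_integer">
</cfquery>

<!--- Displaying: htmlEditFormat() converts <, >, & and " to entities, so
      stored markup or script tags are shown as text, not run by the browser. --->
<cfoutput query="getComments">
    <p><strong>#htmlEditFormat(author)#</strong>: #htmlEditFormat(body)#</p>
</cfoutput>
```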

