Micha, If you are concerned about database security you shouldn't be placing any SQL inline in your CF and should rely strictly on StoredProcs.
-Adam On Fri, 18 Feb 2005 08:41:14 +0100, Micha Schopman <[EMAIL PROTECTED]> wrote: > Still, would you, like Jochem mentioned a few weeks ago, take ANY chance > that someone smarter than you might access to your system :) > > I think it is not a discussion about whether you need the tag or not, it > is merely a discussion between would you take the chance or not being > exposed to less friendly people? > > I admit, I don't like the tag syntax at all, but I will force myself > using cfqueryparam purely because I am ignorant compared to fulltime > hackers. I don't play Russian roulette with the millions of email > addresses I might have in the database. I personally would have > preferred some shorthand mode for the tag, but until that becomes > available I still use that long ugly tag. > > A shorthand like this would be fine for me. #qp(value,type)#. I don't > know if, the attributes like max length and null are getting used much > by others, but I personally choose to check for this in the business > logic part, so a simple shorthand would be welcome. > > Micha Schopman > Software Engineer > > Modern Media, Databankweg 12 M, 3821 AL Amersfoort > Tel 033-4535377, Fax 033-4535388 > KvK Amersfoort 39081679, Rabo 39.48.05.380 > > ------------------------------------------------------------------------ > ------------------------------------------------------------------------ > ----- > Modern Media, Making You Interact Smarter. Onze oplossingen verbeteren > de interactie met uw doelgroep. > Wilt u meer omzet, lagere kosten of een beter service niveau? Voor meer > informatie zie www.modernmedia.nl > ------------------------------------------------------------------------ > ------------------------------------------------------------------------ > ----- > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:195476 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
