You just loop over a collection:
<!--- Make sure that all attributes scoped variables are decoded and
trimmed --->
<cfloop collection="#url#" item="variables.itm">
<CFIF variables.itm contains "select">
Please don't do that... tisk tisk!
<cfabort>
</cfif>
</cfloop>
On 1/23/08, [EMAIL PROTECTED] [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
> Is there a way to address all URL scopes or do I have to be specific and list
> all URL scopes used on the site?
>
> I'm thinking ...
>
> <CFIF ISDEFINED ("URL.pr_id")>
> <CFIF URL.pr_id contains "select">
> </CFIF>
> </CFIF>
>
>
> >Or at the very least write some generic code in
> >Application.cfm/Application.cfc
> >that inspects the form, url and cookie scopes and strips out anything
> >suspicious like SQL statements. That would only be a half measure though.
> >The queries need to be changed to use cfqueryparam.
> >
> >On Jan 23, 2008 11:38 AM, Tom Chiverton <[EMAIL PROTECTED]>
> >wrote:
> >
> >>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;160198600;22374440;w
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:297153
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
