>> VALUES ('#Trim(FORM.CatID)#',
>> '#Trim(SESSION.Auth.UserID)#',
First you open yourself up to SQL injection attack unless you use
<cfqueryparam> on all variables.
>> single quotes around CatID, UserID, and Price.
>> I'm using JS validation
You need to do server side validation before you think about JS validation.
JS validation is insecure and is for the user's experience only. Without
validating server side anyone can post any values to your action page. The
error you are seeing is usually a result of the inserted value being the
wrong data type example: "$20.95" instead of "20.95" in a numeric field.
You cannot trust the data you receive from the browser.
>> Hmm..update..I just emailed the latest person who generated
>> the error. They said that they weren't able to upload
>> their images.
I have has issues where the user's Internet Security firewall was set so
tight that they could post the form that contained a multipart/form-data
field (File Upload) but there firewall would not send the data for that
field.
Best Regards,
Dennis Powers
UXB Internet - A website design and Hosting Company
690 Wolcott Road
P.O. Box 6029
Wolcott, CT 06716
Tel: (203)879-2844
http://www.uxbinternet.com/
http://www.uxb.net/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;160198600;22374440;w
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:298281
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
