>>and Billy New-Developer comes along and decides that
someOtherQuery.someOtherValue could really do with coming directly from the
user? Will he add the cfqp if it's not already there?
This is irrelevant, because:
1. if both fields are numeric, there is no possibility
OtherQuery.someOtherValue can
contain anything harmful;
2. if both fields are text, CFQUERYPARAM won't detect anything harmful
and won't help anyway.
3. if both fields have different types, then you should have fire your
db administrator, or
your developer, or both, a long time ago ;-)
in this case, the least you should do is to check the compatibility
of values BEFORE running the query,
and eventually make the appropriate conversion.
--
_______________________________________
REUSE CODE! Use custom tags;
See http://www.contentbox.com/claude/customtags/tagstore.cfm
(Please send any spam to this address: [EMAIL PROTECTED])
Thanks.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;203748912;27390454;j
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:309586
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
