> Interesting question:
> 
> <!--- <cfif isdefined('url.dimension')>
> <cfquery name="test" datasource="#DB#" username="#USER#" 
> password="#PASS#">
>     select age,size
>     from accessories
>     where age='#url.age#' and visible=1
> </cfquery></cfif> --->
> 
> This is a commented query in the code. Do any of you think it 
> can be processed while commented? I don't think so. But I am curious; 
> these hackers can do crazy stuff. Probably I will get an 
> answer to put cfqueryparam in the commented query or delete it :)

Code that is disabled by CFML comments isn't executed, and is therefore
perfectly safe.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/

Fig Leaf Software provides the highest caliber vendor-authorized
instruction at our training centers in Washington DC, Atlanta,
Chicago, Baltimore, Northern Virginia, or on-site at your location.
Visit http://training.figleaf.com/ for more information!
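
As an added example (not part of the thread, and not code from either poster): a Python audit sketch that applies the point in the reply when reviewing templates. It drops code inside CFML comments `<!--- --->` (which may nest), keeps code wrapped only in an HTML comment `<!-- -->` because the server still executes CFML there, and reports live `cfquery` blocks that interpolate request-scope variables without `cfqueryparam`. The sample template and the function names are constructed for illustration.

```python
import re

# Constructed sample template (not from the thread): query "a" is disabled by a
# CFML comment, "b" sits only in an HTML comment, "c" is parameterized.
SAMPLE = """
<!--- <cfquery name="a" datasource="#DB#">
  select age from accessories where age='#url.age#'
  <!--- nested note ---> and visible=1
</cfquery> --->
<!-- <cfquery name="b" datasource="#DB#">
  select size from accessories where size='#url.size#'
</cfquery> -->
<cfquery name="c" datasource="#DB#">
  select age from accessories
  where age=<cfqueryparam value="#url.age#" cfsqltype="cf_sql_varchar">
</cfquery>
"""

def strip_cfml_comments(src):
    """Remove <!--- ... ---> blocks, honouring nesting; leave HTML <!-- -->."""
    out, depth, i = [], 0, 0
    while i < len(src):
        if src.startswith("<!---", i):
            depth, i = depth + 1, i + 5
        elif depth and src.startswith("--->", i):
            depth, i = depth - 1, i + 4
        else:
            if depth == 0:          # only text outside CFML comments survives
                out.append(src[i])
            i += 1
    return "".join(out)

QUERY = re.compile(r"<cfquery\b([^>]*)>(.*?)</cfquery>", re.I | re.S)
PARAM = re.compile(r"<cfqueryparam\b[^>]*>", re.I)
RAW_VAR = re.compile(r"#\s*((?:url|form|cookie|cgi)\.[\w.]+)\s*#", re.I)
NAME = re.compile(r'name\s*=\s*"([^"]*)"', re.I)

def unparameterized_queries(src):
    """Return [(query name, [raw variables])] for cfquery blocks that execute."""
    findings = []
    for attrs, body in QUERY.findall(strip_cfml_comments(src)):
        raw = RAW_VAR.findall(PARAM.sub("", body))  # ignore bound parameters
        if raw:
            m = NAME.search(attrs)
            findings.append((m.group(1) if m else "?", raw))
    return findings

if __name__ == "__main__":
    print(unparameterized_queries(SAMPLE))
```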

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:309751