Pete,

So is that the purpose of the !3000 then? Got it!

-----Original Message-----
From: Pete Freitag [mailto:p...@foundeo.com] 
Sent: Monday, July 22, 2013 2:23 PM
To: cf-talk
Subject: Re: Hack Attempt on our database last night


On Mon, Jul 22, 2013 at 12:45 PM, Mark A Kruger <mkru...@cfwebtools.com> wrote:

> Doesn't the /* */ force the whole string into a comment? Hard to see how
> that would succeed.
>

It is a MySQL version-specific comment, so if the MySQL version is greater
than version 3.0, in this case it would execute; all other DB engines would
treat it as a comment.


--
Pete Freitag - Adobe Community Professional
http://foundeo.com/ - ColdFusion Consulting & Products
http://hackmycf.com - Is your ColdFusion Server Secure?
http://www.youtube.com/watch?v=ubESB87vl5U - FuseGuard your CFML in 10
minutes
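
The behaviour discussed in this thread, as an added example that is not part of the original messages: a small detector that compares what a generic `/* */` comment stripper sees with what MySQL sees once the version gate passes, and flags input where the two differ. The function names and sample values are constructed for illustration, and the digits after `!` are treated as the version gate as the thread describes.

```python
import re

# /*!<digits> body */  : the MySQL version-specific comment form from the thread
COND_COMMENT = re.compile(r"/\*!(\d*)(.*?)\*/", re.DOTALL)
# Any C-style comment, including the version-specific form
ANY_COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)


def find_conditional_comments(text):
    """Return (version_digits, body) for each /*!NNNN ... */ found in text."""
    return [(m.group(1), m.group(2).strip()) for m in COND_COMMENT.finditer(text)]


def generic_view(text):
    """Text as seen by an engine or filter that treats /* */ as a plain comment."""
    return " ".join(ANY_COMMENT.sub(" ", text).split())


def mysql_view(text):
    """Text as seen by MySQL when the version gate passes: the body is kept."""
    unwrapped = COND_COMMENT.sub(lambda m: " " + m.group(2) + " ", text)
    return " ".join(ANY_COMMENT.sub(" ", unwrapped).split())


def inspect(text):
    """Flag input whose 'comment' carries text that MySQL would execute."""
    hits = find_conditional_comments(text)
    g, m = generic_view(text), mysql_view(text)
    return {
        "suspicious": bool(hits) and g != m,
        "gates": [version for version, _ in hits],
        "generic_view": g,
        "mysql_view": m,
    }


# Constructed sample parameter values (not taken from the thread)
SAMPLES = [
    "1",
    "1 /* plain note */",
    "1 /*!3000 + 1 */",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s), "->", inspect(s))
```

A filter that strips comments before inspecting input only ever sees `generic_view`, which is why the check has to run on the raw value.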




Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:356276