I use regex on cfinput tags because some of allowed characters on some fields are ' . , % # etc.
The problem is that on the posted to page when I use cfqueryparam there is not option for regex and I do want to control which characters are allowed. never * < > ( ) etc. My sites have (i hope) very tight security and reside within an iframe and the pages with any queries check to see if the correct page is posting to them and also some other security checks but I worry about some techijerk rewriting the page in their browser and submitting. Client server is cf9 and that they should upgrade is a whole different matter. always paranoid as it should be. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/regex/message.cfm/messageid:1258 Subscription: http://www.houseoffusion.com/groups/regex/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/regex/unsubscribe.cfm
