RE: cf_hacker
Speaking of which -- here's a fairly thorough thread from the cf-talk archives on the subject of sql insertion attacks and what can and can't be a threat: http://www.houseoffusion.com/cf_lists/index.cfm?method=messages&threadid=139 15&forumid=4 Sorry for the line-wrap. :) s. isaac dealey954-776-0046 new epoch http://www.turnkey.to lead architect, tapestry cms http://products.turnkey.to tapestry api is opensource http://www.turnkey.to/tapi certified advanced coldfusion 5 developer http://www.macromedia.com/v1/handlers/index.cfm?ID=21816 > Doesn't -Original Message- > From: Webmaster [mailto:[EMAIL PROTECTED] > Sent: Friday, March 07, 2003 9:13 AM > To: CF-Talk > Subject: cf_hacker > Hi.. > I am looking for a tag to clean up forms/URL of possible > SQL attacks. I > have > seen it discussed on the list in the past. I went to the > "New" macromedia > site looking for a tag that can do this and found a few. > The one that > sounds interesting is by John Ensign, but the > link is broke. > The > domain for this one is no longer valid.. javafuse.com... > What are y'all using for this? > ~~ > ~~~| > Archives: > http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 > Subscription: http://www.houseoffusion.com/cf_lists/index. > cfm?method=subscribe&forumid=4 > FAQ: http://www.thenetprofits.co.uk/coldfusion/faq > Signup for the Fusion Authority news alert and keep up > with the latest news in ColdFusion and related topics. > http://www.fusionauthority.com/signup.cfm > Unsubscribe: http://www.houseoffusion.com/cf_lists/uns > ubscribe.cfm?user=633.558.4 ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: cf_hacker
val() will help you. Also, using stored procs will help. -Original Message- From: Andy Ousterhout [mailto:[EMAIL PROTECTED] Sent: Friday, March 07, 2003 11:17 AM To: CF-Talk Subject: RE: cf_hacker Doesn't mailto:[EMAIL PROTECTED] Sent: Friday, March 07, 2003 9:13 AM To: CF-Talk Subject: cf_hacker Hi.. I am looking for a tag to clean up forms/URL of possible SQL attacks. I have seen it discussed on the list in the past. I went to the "New" macromedia site looking for a tag that can do this and found a few. The one that sounds interesting is by John Ensign, but the link is broke. The domain for this one is no longer valid.. javafuse.com... What are y'all using for this? ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: cf_hacker
Take a look at cf_sqlSafe. -Original Message- From: Ewok [mailto:[EMAIL PROTECTED] Sent: Friday, March 07, 2003 10:41 AM To: CF-Talk Subject: Re: cf_hacker i use cf_inputfilter - Original Message - From: "Webmaster" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Friday, March 07, 2003 10:12 AM Subject: cf_hacker > Hi.. > I am looking for a tag to clean up forms/URL of possible SQL > attacks. I have seen it discussed on the list in the past. I went to > the "New" macromedia site looking for a tag that can do this and found > a few. The one that sounds interesting is by John Ensign, > but the link is broke. The > domain for this one is no longer valid.. javafuse.com... > What are y'all using for this? > > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: cf_hacker
Doesn't mailto:[EMAIL PROTECTED] Sent: Friday, March 07, 2003 9:13 AM To: CF-Talk Subject: cf_hacker Hi.. I am looking for a tag to clean up forms/URL of possible SQL attacks. I have seen it discussed on the list in the past. I went to the "New" macromedia site looking for a tag that can do this and found a few. The one that sounds interesting is by John Ensign, but the link is broke. The domain for this one is no longer valid.. javafuse.com... What are y'all using for this? ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: cf_hacker
i use cf_inputfilter - Original Message - From: "Webmaster" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Friday, March 07, 2003 10:12 AM Subject: cf_hacker > Hi.. > I am looking for a tag to clean up forms/URL of possible SQL attacks. I > have > seen it discussed on the list in the past. I went to the "New" macromedia > site looking for a tag that can do this and found a few. The one that > sounds interesting is by John Ensign, but the link is broke. > The > domain for this one is no longer valid.. javafuse.com... > What are y'all using for this? > > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
cf_hacker
Hi.. I am looking for a tag to clean up forms/URL of possible SQL attacks. I have seen it discussed on the list in the past. I went to the "New" macromedia site looking for a tag that can do this and found a few. The one that sounds interesting is by John Ensign, but the link is broke. The domain for this one is no longer valid.. javafuse.com... What are y'all using for this? ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4