[cfaussie] Global public input sanitisation
Hi All, Just sort of throwing this out there for ideas.. I've been mulling over the idea of creating a method for global input sanitisation... (not validation) ensuring that if the URL and Form variables contain what looks like malicious input, the request is brought to a halt before anything else executes. The idea is that on any form submission: - Referer is checked to avoid cross site scripting - Variable values are checked for SQL and HTTP Header codes to avoid injection and response splitting I'm going to include a 'whitelist' for either pages or form fieldnames exempt from this check, as well as for valid referers. What else should I be checking? Am I missing some potential problems with this idea? Will the execution time be too costly? .. All thoughts welcome, cheers B. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~--~~~~--~~--~--~---
[cfaussie] webservice problem
Hi All
I'm using CF 6.1 - I can't seem to consume any webservices that have a
binary argument. I am attempting to pass a file as one of the
arguments.
it keeps on throwing this error
Web service operation "load" with parameters {theFile={},} could not be
found.
The webservice is there and the argument names are correct (eg..if I
change the type to string it works fine)..
any help, much appreciated
thanks
Drew
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"cfaussie" group.
To post to this group, send email to cfaussie@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cfaussie?hl=en
-~--~~~~--~~--~--~---
[cfaussie] Re: SQL problem
No probs -Original Message- From: cfaussie@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Darren Tracey Sent: Thursday, 4 October 2007 12:04 PM To: cfaussie Subject: [cfaussie] Re: SQL problem Thanks Steve. Thats exactly what I was after, and I didn't realise it was that simple! (No wonder my efforts with Google were of no use!) Regards Darren Tracey On Oct 4, 11:59 am, "Steve Onnis" <[EMAIL PROTECTED]> wrote: > UPDATE TableA > SET ColumnC = ColumnB > > Simple? > > > > -Original Message- > From: cfaussie@googlegroups.com [mailto:[EMAIL PROTECTED] On > Behalf > > Of Darren Tracey > Sent: Thursday, 4 October 2007 11:57 AM > To: cfaussie > Subject: [cfaussie] SQL problem > > Sorry about posting this here, but I'm having a fuzzy brain day and > can't work out how to do this. > > I have a table in an MSSQL DB which we shall call TableA. > It has a bunch of fields including ColumnA, ColumnB, and ColumnC. > ColumnA is the unique identifier. > I need a single SQL statement that will copy the values from ColumnB > for each record and put them into ColumnC for the same record in the same table. > > I'm not after a CF solution for this (eg. select all records from > table, loop over query results, update each record). > I've got a nagging feeling that I can do this in a single SQL > statement (some sort of update with a nested select), and that I've > done it before, but I can't remember how to do it and Google is not being my friend today. > > Any suggestions? > > Regards > > Darren Tracey- Hide quoted text - > > - Show quoted text - --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~--~~~~--~~--~--~---
[cfaussie] Re: SQL problem
Thanks Steve. Thats exactly what I was after, and I didn't realise it was that simple! (No wonder my efforts with Google were of no use!) Regards Darren Tracey On Oct 4, 11:59 am, "Steve Onnis" <[EMAIL PROTECTED]> wrote: > UPDATE TableA > SET ColumnC = ColumnB > > Simple? > > > > -Original Message- > From: cfaussie@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf > > Of Darren Tracey > Sent: Thursday, 4 October 2007 11:57 AM > To: cfaussie > Subject: [cfaussie] SQL problem > > Sorry about posting this here, but I'm having a fuzzy brain day and can't > work out how to do this. > > I have a table in an MSSQL DB which we shall call TableA. > It has a bunch of fields including ColumnA, ColumnB, and ColumnC. > ColumnA is the unique identifier. > I need a single SQL statement that will copy the values from ColumnB for > each record and put them into ColumnC for the same record in the same table. > > I'm not after a CF solution for this (eg. select all records from table, > loop over query results, update each record). > I've got a nagging feeling that I can do this in a single SQL statement > (some sort of update with a nested select), and that I've done it before, > but I can't remember how to do it and Google is not being my friend today. > > Any suggestions? > > Regards > > Darren Tracey- Hide quoted text - > > - Show quoted text - --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~--~~~~--~~--~--~---
[cfaussie] Re: SQL problem
UPDATE TableA SET ColumnC = ColumnB Simple? -Original Message- From: cfaussie@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Darren Tracey Sent: Thursday, 4 October 2007 11:57 AM To: cfaussie Subject: [cfaussie] SQL problem Sorry about posting this here, but I'm having a fuzzy brain day and can't work out how to do this. I have a table in an MSSQL DB which we shall call TableA. It has a bunch of fields including ColumnA, ColumnB, and ColumnC. ColumnA is the unique identifier. I need a single SQL statement that will copy the values from ColumnB for each record and put them into ColumnC for the same record in the same table. I'm not after a CF solution for this (eg. select all records from table, loop over query results, update each record). I've got a nagging feeling that I can do this in a single SQL statement (some sort of update with a nested select), and that I've done it before, but I can't remember how to do it and Google is not being my friend today. Any suggestions? Regards Darren Tracey --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~--~~~~--~~--~--~---
[cfaussie] SQL problem
Sorry about posting this here, but I'm having a fuzzy brain day and can't work out how to do this. I have a table in an MSSQL DB which we shall call TableA. It has a bunch of fields including ColumnA, ColumnB, and ColumnC. ColumnA is the unique identifier. I need a single SQL statement that will copy the values from ColumnB for each record and put them into ColumnC for the same record in the same table. I'm not after a CF solution for this (eg. select all records from table, loop over query results, update each record). I've got a nagging feeling that I can do this in a single SQL statement (some sort of update with a nested select), and that I've done it before, but I can't remember how to do it and Google is not being my friend today. Any suggestions? Regards Darren Tracey --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~--~~~~--~~--~--~---
[cfaussie] Re: MAX 2007
Barry I think they just showed a demo about generating an AIR app and working online/offline, everything done by ColdFusion. I wonder if they are going to integrate CF9 with Pacifica, it would be awesome. -- João Fernandes www.onflexwithcf.org www.riapt.org --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~--~~~~--~~--~--~---
[cfaussie] Re: MAX 2007
thanx Chris any details about this Centaur thing? (CF9)? On 10/3/07, Chris Velevitch <[EMAIL PROTECTED]> wrote: > > More news from Chicago:- > http://sydneyflashplatformdevelopersgroup.blogspot.com/ > > On 9/29/07, Chris Velevitch <[EMAIL PROTECTED]> wrote: > > I'm in Chicago for MAX and I will attempt to blog things of interest. > > But my first entry starts on a negative note. (see > > http://sydneyflashplatformdevelopersgroup.blogspot.com/2007/09/experience-design-experience.html) > > > > The conference proper starts in less that 40 hours and in 16 hours the > > "pre-event training" starts. > > > > > > Chris > > -- > > Chris Velevitch > > Manager - Sydney Flash Platform Developers Group > > m: 0415 469 095 > > www.flashdev.org.au > > > > > -- > Chris Velevitch > Manager - Sydney Flash Platform Developers Group > m: 0415 469 095 > www.flashdev.org.au > > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~--~~~~--~~--~--~---
[cfaussie] Re: Adobe Refresh 07 - Melbourne and Sydney
well, if you've booked the room for the day, might as well use all of it.. On 10/3/07, KC Kuok <[EMAIL PROTECTED]> wrote: > > Just read this in my mail... > > The morning session will be a photoshop session... Most of you who > have signed up to adobe newsletters you should receive this in your > mail, just for this who did not get it... > > http://platform2.traction.com.au/id=1860,18084589,8341539,49368,1&url=http://events.adobe.co.uk/events/cgi/event.cgi?eventid=5998&country=pa > > On Oct 2, 4:11 pm, KC Kuok <[EMAIL PROTECTED]> wrote: > > Just got this off geekglue.blogspot.com (I met Bill at one of the MUG > > meetings) > > > > http://geekglue.blogspot.com/2007/10/adobe-refresh.html > > > > in his comical words "Adobe Refresh is kind of like a MAX debrief for > > us poor suckers who couldn't go." > > > > :) doesn't seem to be a monetary cost involved... so better register > > asap folks! > > > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~--~~~~--~~--~--~---
[cfaussie] Re: Adobe Refresh 07 - Melbourne and Sydney
Just read this in my mail... The morning session will be a photoshop session... Most of you who have signed up to adobe newsletters you should receive this in your mail, just for this who did not get it... http://platform2.traction.com.au/id=1860,18084589,8341539,49368,1&url=http://events.adobe.co.uk/events/cgi/event.cgi?eventid=5998&country=pa On Oct 2, 4:11 pm, KC Kuok <[EMAIL PROTECTED]> wrote: > Just got this off geekglue.blogspot.com (I met Bill at one of the MUG > meetings) > > http://geekglue.blogspot.com/2007/10/adobe-refresh.html > > in his comical words "Adobe Refresh is kind of like a MAX debrief for > us poor suckers who couldn't go." > > :) doesn't seem to be a monetary cost involved... so better register > asap folks! --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~--~~~~--~~--~--~---
