There was some discussion about a very similar injection on Stack
Overflow which may be useful:
http://stackoverflow.com/questions/4600954/site-has-been-hacked-via-sql-injection
-Justin
On Sun, Jul 21, 2013 at 1:33 PM, Dave Hatz wrote:
>
> We had someone trying to hack our system last nigh
No, cfqueryparam does not work in the order by clause.
However, when using url params passed to a query for altering the order I use
if/then logic to set the order by clauses to prevent SQLi.
if (url.sortby EQ 'D') { order by mycolumn desc } else { order by mycolumn ASC }
This is a simple and ef
I know using cfqueryparam helps with hack attempts on your database and it
helps performance for the execution of the queries.
Question, does using the cfqueryparam help with performance on the ORDER BY
clause? On some of our pages we give the user the ability to change the sort
order of t
We had someone trying to hack our system last night and I would like to know
what he was trying to get. Seems one of our new Junior programmers didn't use
CFQUERYPARAM and allowed this param into the query string. Needless to say, I
will be having a nice long chat with him when he gets into t
Stick them on eBay.
Russ Michaels
www.michaels.me.uk
cfmldeveloper.com
cflive.net
cfsearch.com
On 21 Jul 2013 14:41, "Michael David" wrote:
>
> Hello...
>
> I have a handful of CF9 licenses to get rid of. I also have one CF9
> upgrade serial along with the original serial from the previous vers
Hello...
I have a handful of CF9 licenses to get rid of. I also have one CF9
upgrade serial along with the original serial from the previous version.
These are NOT academic licenses, and I am the original purchaser on all.
What are these things worth?
--
Cheers!
Michael David
~