watching a form for illegal SQL characters

2002-08-01 Thread Chad Gray
Can anyone recommend a good way to filter " ' etc out of forms so on the action page the SQL does not crash? __ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting.

Re: watching a form for illegal SQL characters

2002-08-01 Thread Jochem van Dieten
Chad Gray wrote: > Can anyone recommend a good way to filter " ' etc out of forms so on the > action page the SQL does not crash? cfqueryparam Jochem __ Structure your ColdFusion code with Fusebox. Get the official book at htt

Re: watching a form for illegal SQL characters

2002-08-01 Thread S . Isaac Dealey
> Can anyone recommend a good way to filter " ' etc out of forms so on the > action page the SQL does not crash? There's no need to filter single or double quotes out of the form to prevent sql from erroring unless you're also using PreserveSingleQuotes() ... CF escapes single quotes automaticall

RE: watching a form for illegal SQL characters

2002-08-01 Thread Chad Gray
Is that a new tag? I see it mentioned a few times and I have never used it. I will start reading. :) -Original Message- From: Jochem van Dieten [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 01, 2002 4:30 PM To: CF-Talk Subject: Re: watching a form for illegal SQL characters Chad

Re: watching a form for illegal SQL characters

2002-08-01 Thread Paul Giesenhagen
:35 PM Subject: RE: watching a form for illegal SQL characters > Is that a new tag? I see it mentioned a few times and I have never used > it. I will start reading. :) > > -Original Message- > From: Jochem van Dieten [mailto:[EMAIL PROTECTED]] > Sent: Thursday, August

Re: watching a form for illegal SQL characters

2002-08-01 Thread Jochem van Dieten
S. Isaac Dealey wrote: >>Can anyone recommend a good way to filter " ' etc out of forms so on the >>action page the SQL does not crash? > > There's no need to filter single or double quotes out of the form to prevent > sql from erroring unless you're also using PreserveSingleQuotes() ... CF > esc

RE: watching a form for illegal SQL characters

2002-08-01 Thread Chad Gray
wrong option to pick? -Original Message- From: Paul Giesenhagen [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 01, 2002 4:38 PM To: CF-Talk Subject: Re: watching a form for illegal SQL characters Nope, CFQUERYPARAM is a super great tag, it has many plus's, but the interesting o

RE: watching a form for illegal SQL characters

2002-08-01 Thread Kwang Suh
?¢â�š�¬�¢â�ž�¢ pillars can > > The database type is nText 16 I will assume CF_SQL_LONGVARCHAR was the > wrong option to pick? > > > -Original Message- > From: Paul Giesenhagen [mailto:[EMAIL PROTECTED]] > Sent: Thursday, August 01, 2002 4:38 PM > To: