ImageCR3 does that impeccably. When specifying dimensions for the resize
you put 250x100 and it will resize the width down to 250 if greater
and/or the height down to 100 is greater than 100 with prefect quality
results.
Martin
http://www.beetrootstreet.com
-Original Message-
From:
On 10/4/05, Bob Haroche [EMAIL PROTECTED] wrote:
Are you sure your router supports loopback? I had the same issue
where I couldn't browse to my dev sites using their external IP's
when I'm on my LAN, though I can when I'm outside my LAN.
Nah, that's definitely not it - I can browse the dev
No I agree, that wasn't very nice.
Anyway, someone mentioned before about posting the info about the headers in
order to further diagnose this problem? how is that done?
And as far as server configuration, what can be done on that end? But I
guessing the server end is fine. And that its
Are there any good examples anywhere of CF and the Google earth client
?
Martin Rumens
VT Communications
Rampisham Transmitting Station
Rampisham Down
Maiden Newton
Dorchester
Dorset
DT2 0HS
Tel: 01935 482122
Fax: 01935 482133
Email: [EMAIL PROTECTED]
This Email and any
I am having a bit of a blonde moment today.
It seems to me that all changes to the application.cfc dont seem to be
immediate.. do I have to restart the CF server to see them?
Or maybe its just my code
--
Mark Drew
http://cybersonic.blogspot.com
I am having a bit of a blonde moment today.
It seems to me that all changes to the application.cfc dont seem to be
immediate.. do I have to restart the CF server to see them?
Or change the app name.
Will
~|
Logware
Thanks for that. having a bit of a b'stard of a day as I am consuming a PHP
webservice and its all a tad wierd
On 07/10/05, Will Tomlinson [EMAIL PROTECTED] wrote:
I am having a bit of a blonde moment today.
It seems to me that all changes to the application.cfc dont seem to be
immediate..
Aw, come on now Damien. Why don't we give some good advice and possible
recommendations, rather than off handedly trash DRE's client for poor
program choices;)
I do agree with Damien, Outlook is a very poor choice for this (or any
other) type of application. That being said, what you ask is
It didn't, but I wrote an app on top of tmt_img that does it. If
you're interested in my code, shoot me an email. I also extended
tmt_img a bit.
Pete
~|
Logware (www.logware.us): a new and convenient web-based time tracking
We are experiencing a problem with an MX scheduled task.
The scheduled task will run OK when the go button in the task list in CF
Administrator is clicked. It will also run when the URL is entered into a
browser on the server hosting the sceduled task (through PC Anywhere).
However, when
I heard a challenge from a security consultant that if you are using
ColdFusion you do not have a secure server. He maintains that CF is full of
things a hacker can access. For example he gave the following example. If
you attempt to open a CF website with the following command it will
Hi,
One of the structures I am dealing with is populated dynamically. It looks
thus: perm.public.UserGroup.#PermID#.Permname. I have a number of PermIDs I
want to loop through and set some variables. Hence:
cfloop list=#listOfPermIDs# index=thisPermID
cfif
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
I heard a challenge from a security consultant that if you
are using ColdFusion you do not have a secure server. He
maintains that CF is full of things a hacker can access. For
example he gave the following example. If you attempt to
Anyone can get the IP Address of the server, simply ping the domain
name.
Now, depending on the security patches of the server and how it is
configured
will determine if you can do anything else.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, October
Massimo's tag has getHeight and getWidth methods. Call those on an image,
then check accordingly.
!//--
andy matthews
web developer
ICGLink, Inc.
[EMAIL PROTECTED]
615.370.1530 x737
--//-
-Original Message-
From: Parker, Kevin [mailto:[EMAIL
For what its worth, I have never had a problem finding the IP address
for a server using nslookup on my PC. Not to mention what you can find
out using these sites.
http://www.dnsreport.com/
http://www.dnsstuff.com/
You can change how errors are shown by making changes in the debugging
section of
Because the IP address of a server should be hidden There are always
simple methods to find the answering IP for a domain. If there wasn't a
way to find the ip address for a given domain name, then DNS wouldn't
work. Also, even if you're not trapping the error the screen shows the
Randy,
H actually, the error in question doesn't expose the IP address of
the server (internal or external). Instead it exposes the cgi.remote_addr
address - the address of the client making the request. Is this the error
you are seeing?
Put it out there Pete. I'd be interesting in seeing what else you added to
it, There's a few things that I wish tmt_img did differently. All in all,
it's a great piece of code though. Thank you Massimo.
!//--
andy matthews
web developer
ICGLink, Inc.
[EMAIL PROTECTED]
Sorry, I thought Wally was the name of the security consultant, here --
not the OP.
My sincere apologies to Wally; it seems I'm the moron who can't read a
full post!!! So correct my message to read that Wally's security
consultant is a bit of a moron.
--Ferg
I heard a challenge from a
And to poke big gaping holes in their stories. That's my favorite part.
!//--
andy matthews
web developer
ICGLink, Inc.
[EMAIL PROTECTED]
615.370.1530 x737
--//-
-Original Message-
From: Ken Ferguson [mailto:[EMAIL PROTECTED]
Sent: Friday, October
First of all, IP address are by nature, public information. Thats like
saying your house is less secure because a burglar can find your
address in the yellow pages.
Secondly, this security _expert_ is no expert. Any expert wouldn't
make such blanket statements like CF is less secure. In fact, in
Phil,
From a security standpoint there is the address of the server via DNS
(easily obtained) and then there is the address of the server as it exists
on the internal network or DMZ of the host. Depending on the network setup
this may be quite different and in certain instances can be valuable to
Do you have logging enabled for scheduled tasks? If so, what are the
enteries in scheduler.log?
-Adam
On 10/7/05, bob @ objectiveinternet. com bob @ objectiveinternet. com
[EMAIL PROTECTED] wrote:
We are experiencing a problem with an MX scheduled task.
The scheduled task will run OK when the
Google Earth the desktop application? Or Google Maps the internet
application with the API?
-Adam
On 10/7/05, Rumens, Martin [EMAIL PROTECTED] wrote:
Are there any good examples anywhere of CF and the Google earth client
?
Martin Rumens
VT Communications
Rampisham Transmitting
Hmmm, well. That type of error can happen to a lot of languages. The thing
is that is not an issue for CF to trap. Instead you would configure your
webserver to trap the error. If you refer various CF books that talk about
errors what you would want to do is create a custom handler for bad
From: Mark A Kruger [mailto:[EMAIL PROTECTED]
From a security standpoint there is the address of the server
via DNS (easily obtained) and then there is the address of
the server as it exists on the internal network or DMZ of the
host. Depending on the network setup this may be quite
On 10/7/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
I heard a challenge from a security consultant that if you are using
ColdFusion you do not have a secure server. He maintains that CF is full of
things a hacker can access. For example he gave the following example. If
you attempt
Try using a different notation like:
UserGroup[permID].permName
-Adam
On 10/7/05, George Abraham [EMAIL PROTECTED] wrote:
Hi,
One of the structures I am dealing with is populated dynamically. It looks
thus: perm.public.UserGroup.#PermID#.Permname. I have a number of PermIDs I
want to loop
On 10/7/05, Mark A Kruger [EMAIL PROTECTED] wrote:
Phil,
From a security standpoint there is the address of the server via DNS
(easily obtained) and then there is the address of the server as it exists
on the internal network or DMZ of the host. Depending on the network setup
this may be
I am not the one seeing the error. I was just commenting that you
Could find out the IP address of the server using the domain name
And the ping command.
I know you would see the CGI.REMOTE_ADDR. That is part of the cgi
variables.
Wally was the one looking for the resolution
-Original
On 10/6/05, Stan Winchester [EMAIL PROTECTED] wrote:
Is there a preferred type of repository Native Filesystem vs. Berkeley
Database to CFML projects?
BDB was the only repository choice for the initial releases of
Subversion. Most folks prefer filesystem, which is far easier to deal
with for
But the server using the domain name may not be the server which has the
site on it.
-Original Message-
From: Adkins, Randy [mailto:[EMAIL PROTECTED]
Sent: 07 October 2005 14:40
To: CF-Talk
Subject: RE: ColdFusion Security Holes - Best Practices
I am not the one seeing the error. I
I know. His security expert obviously doesn't. Wally should know
that there is plenty of his server information available via web sites
and utilities. He will then be more informed and can deal with these
security experts in the future.
On 10/7/05, Mark A Kruger [EMAIL PROTECTED] wrote:
Phil,
it will generate an error message that gives you the IP address of
the CF server:
This guy talks about something he knows nothing about.
First, the IP addresse exposed is ... yours, not a big help if you're
a hacker...
Secondly, I'm pretty sure any hacker can get the IP address behind any
Michael,
Yes there are ... but that's not important right now - and stop calling me
shirely :)
Here's what I'm saying. Many web servers are hosted behind a firewall and
exist on a NAT network with static mappings. A PIX or other ALG capable
firewall uses packet inspection to forward requests to
Hello,
I have to create a form with a link that will pop up a calendar. The
user can select a date from that calendar. The textbox field in the
form will be filled with the date the user selects. Can someone tell
me how to do this? We have decided not to use cfform in our company.
See I love that phone call approach. That's one that most hackers miss
I think. Of course it requires human contact so it may be beyond their skill
level..
-Original Message-
From: Claude Schneegans [mailto:[EMAIL PROTECTED]
Sent: Friday, October 07, 2005 9:01 AM
To: CF-Talk
On 10/6/05, Steven Durette [EMAIL PROTECTED] wrote:
Hi All,
Does anyone know if or when updaters with the new tag information will be
available for the updates in 7.0.1 that we can add to Dreamweaver MX 2004 and
Homesite 5.5+ ?
I thought I remember a post from a macromedia engineer saying
Hello,
I'm searching for a good postcard script?
coldfusion oracle.
can anybody help me to find a good script for free if possible.
Thanks in advance,
Alexis
~|
Discover CFTicket - The leading ColdFusion Help Desk and Trouble
Thanks Rick, Matthew and Ray.
All works well w/all the suggestions incorporated.
Robert O.
A simpler way would be to create 2 styles, lets call one results1 and the other
results0
then you can have something like this:
td class= results#currentRow mod 2#etc./td
larry
--
Larry C.
Are you sure you are feeling all right? You just used the words oracle and
free in the same paragraph ;)
-Original Message-
From: cfgaill alex [mailto:[EMAIL PROTECTED]
Sent: Friday, October 07, 2005 9:12 AM
To: CF-Talk
Subject: CFM : postcard, ecard
Hello,
I'm searching for a good
Same problem here.
I know the task does not run because it typically results in an email being
sent to me on an hourly basis.
If I pull up the CFM page in my browser it generates the Email just fine. If I
click the button in CFADMIN it gives me the green success message at the top of
the
On Friday 07 October 2005 15:08, Mark A Kruger wrote:
so you can even call him directly and ask him whatever you want to know
about his server ;-))
He will, of course, be well trained in counter-social engineering and work for
a company with well defined and enforced information security
On Friday 07 October 2005 15:14, Larry Lyons wrote:
A simpler way would be to create 2 styles, lets call one results1 and the
other results0
Simpler is what we do here- give the table the class 'sortable' or
'zebrastrip' and the common javascript code zebra strips it client-side, with
Simpler is what we do here- give the table the class 'sortable' or
'zebrastrip' and the common javascript code zebra strips it client-side,
with
optional sorting by clicking the th cells.
Nice feature indeed, but I wouldn't say is is simpler ;-)
--
___
oooh...lookit...a can.
label says client side vs server side...open with caution
/me throws caution to the wind. rips open can.
oooh! worms!
On 10/7/05, Thomas Chiverton [EMAIL PROTECTED] wrote:
On Friday 07 October 2005 15:14, Larry Lyons wrote:
A simpler way would be to create 2 styles,
you are right, indeed it is a little absurd. but I am only in the search of
a ecard script. it does not matter the type of database.
Can somebody helps ;)
Best regards
ALexis
-Original Message-
From: Mark A Kruger [mailto:[EMAIL PROTECTED]
Sent: Friday, October 07, 2005 4:14 PM
To:
you are right, indeed it is a little absurd. but I am only in the search of a
ecard script. it does not matter the type of database.
Can somebody helps ;)
Best regards
ALexis
Are you sure you are feeling all right? You just used the words oracle and
free in the same paragraph ;)
It depends on what you want the ecard to do. It sounds simple enough
that you can just write it yourself.
John Burns
Certified Advanced ColdFusion MX Developer
Wyle Laboratories, Inc. | Web Developer
-Original Message-
From: cfgaill alex [mailto:[EMAIL PROTECTED]
Sent: Friday,
When I did it, it gave me the standard CF error with MY ip address.
CF MX 7
-Original Message-
From: Michael T. Tangorre [mailto:[EMAIL PROTECTED]
Sent: Friday, October 07, 2005 6:03 AM
To: CF-Talk
Subject: RE: ColdFusion Security Holes - Best Practices
From: [EMAIL PROTECTED]
Thanks Cutter, I imagined it would be like this!
DRE
On 10/7/05, Cutter (CF-Talk) [EMAIL PROTECTED] wrote:
Aw, come on now Damien. Why don't we give some good advice and possible
recommendations, rather than off handedly trash DRE's client for poor
program choices;)
I do agree with Damien,
then lets hope they dont have the show ip address extension for
firefox.
~Dave the disruptor~
Some people just don't appreciate how difficult it is to dispense wisdom and
abuse at the same time.
From: Mark A Kruger [EMAIL PROTECTED]
Sent:
On Friday 07 October 2005 15:25, Claude Schneegans wrote:
Nice feature indeed, but I wouldn't say is is simpler ;-)
It means the server side business stuff doesn't need to care about client side
layout at all - it just spits out a bare HTML table with a vague hint that it
should be sortable.
Okay...
This is related to my original post about image manipulation, but is NOT
asking about a specific program.
My question is that since SO MANY people look for image manipulation in
their programming language, why don't more developers add this feature into
their language. Even PHP doesn't
You're totally right Thomas. Better to use the phone number to get the
address, follow him (where him is any suitable employee) from work to
the bar, lift his security badge / keycard after he's
3-sheets-to-the-wind, excuse yourself, drive back and enter the
building, locate the server room,
It is available in your own language. ColdFusion is really java, and there
has been code posted in java to do image manipulation. Anything that could
be done in java could be done in ColdFusion. If you need something that
performs better, then you go pay for it. ColdFusion can't possibly
Yea, personally I don't remember ever reading any security advisories about
ColdFusion. Sure coldfusion has bugs, but I don't ever remember anything
serious enough to allow people to hack into the server. (although a poorly
configured server is probably full of holes, but that's not coldfusion's
I'm not asking CF to provide everything. But this is something that almost
every needs at one point or another. How many people us cfchart compared to
the number of people that would want to manipulate images?
!//--
andy matthews
web developer
ICGLink, Inc.
[EMAIL PROTECTED]
Hello,
I am trying to perform a silent installation on Solaris, and i keep
winding up with the developer version, not the enterprise version. I
have checked that i am using a valid enterprise serial number (if i
enter this in the admin after installation and deployment it works just
fine, if i
Hi,
We are doing integration with Outlook as we speak with a company called
Infotriever.
Contact me off list if you want and I will connect you with the right
person.
/regards
Marius Milosav
www.scorpiosoft.com
It's not about technology, it's about people
-Original Message-
From: DRE
It cant include everything but it does pretty much everything now!
Also considering that Macromedia will become part of Adobe why not a real
good set of image manipulation tags (Photoshop image scaling alogarithm
anyone?)
I agree with Andy here, ok.. we cant do the most esoteric things but we
I agree, that's a fair question. CF's whole purpose is RAD and inclusion
of things that make development far easier. CFGRID is one of those things,
CFGRAPH is one, there could easily be CFIMAGE. All MM/Adobe needs to do is
buy something like the ImageCR product and integrate it. I imagine it
On 10/7/05, Andy Matthews [EMAIL PROTECTED] wrote:
I'm not asking CF to provide everything. But this is something that almost
every needs at one point or another. How many people us cfchart compared to
the number of people that would want to manipulate images?
BlueDragon Server includes a CFIMAGE tag which does basic image
manipulation.
-JM
Matthew Small wrote:
I agree, that's a fair question. CF's whole purpose is RAD and inclusion
of things that make development far easier. CFGRID is one of those things,
CFGRAPH is one, there could easily be
Agreed...
Rick
-Original Message-
From: Mark Drew [mailto:[EMAIL PROTECTED]
Sent: Friday, October 07, 2005 11:12 AM
To: CF-Talk
Subject: Re: Image manipulation - Why Macromedia?!
It cant include everything but it does pretty much everything now!
Also considering that
I tend to agree with other responses. Image manipulation is available
in the underlying java, and it's not that difficult to implement. There
are several cfcs out there - some are free - that do image manipulation.
I do admit that it'd be nice to see them implement CFIMAGE like
Bluedragon has
Here here!
!//--
andy matthews
web developer
ICGLink, Inc.
[EMAIL PROTECTED]
615.370.1530 x737
--//-
-Original Message-
From: Matthew Small [mailto:[EMAIL PROTECTED]
Sent: Friday, October 07, 2005 10:19 AM
To: CF-Talk
Subject: RE: Image
I remember one advisory, it was related to CF3 Administrator. The password
field length was only secured by the form maxlength attribute, not on
server side. Thus, someone could kill a CF server by posting to the
administrator login screen password field some very long string. The
application
Done.
!//--
andy matthews
web developer
ICGLink, Inc.
[EMAIL PROTECTED]
615.370.1530 x737
--//-
-Original Message-
From: Dave Carabetta [mailto:[EMAIL PROTECTED]
Sent: Friday, October 07, 2005 10:20 AM
To: CF-Talk
Subject: Re: Image manipulation -
That worked, thanks!
George
On 10/7/05, Adrocknaphobia [EMAIL PROTECTED] wrote:
Try using a different notation like:
UserGroup[permID].permName
-Adam
On 10/7/05, George Abraham [EMAIL PROTECTED] wrote:
Hi,
One of the structures I am dealing with is populated dynamically. It
looks
Well ya weren't following that close KevinI posted CFC methods to check
image dimensions AND another to re-sizea couplde of CFIFs and those will
get ya what ya want ;-)
Cheers
Bryan Stevenson B.Comm.
VP Director of E-Commerce Development
Electric Edge Systems Group Inc.
phone:
ImageCR3 does that impeccably. When specifying dimensions for the resize
you put 250x100 and it will resize the width down to 250 if greater
and/or the height down to 100 is greater than 100 with prefect quality
results.
as does minelook at the scaleBy attributeensures that dimension
Anyway, someone mentioned before about posting the info about the
headers in order to further diagnose this problem? how is that done?
by using the liveHTTPheaders plugin for firefox - Damien McKenna suggested it
here: http://www.houseoffusion.com/go.cfm/m:4:42610:220233
I have a need to create a JAVA CFX tag that needs database access. I
would rather use the existing CFMX connection pool than create my own.
Any pointers available.
Apologies if this is the wrong spot for this question. (I found this post in
the Java section).
Is it possible to use the
This seems to be a common problem. Itâs frustrating that it works like this.
-
I am having the same problem. Hopefully someone can shed some light on
this.
-
Hello,
I have been receiving this error a lot with CF Flash Forms:
The form data has
Ok,
I've got a search that looks through several fields in a database and
returns a list of dynamically generated docs (Newsletters, mostly).
Current search is here:
http://www.nelsonmullins.com/news/nelson-mullins-news.cfm
Search for medicare, for example.
I'd like to be able to click a
-Original Message-
From: Adkins, Randy [mailto:[EMAIL PROTECTED]
Sent: Friday, October 07, 2005 9:09 AM
To: CF-Talk
Subject: RE: ColdFusion Security Holes - Best Practices
Anyone can get the IP Address of the server, simply ping the domain
name.
That's only true if it's
check out cflib.org. Someone has written something that does that.
--
--mattRobertson--
Janitor, MSB Web Systems
mysecretbase.com
~|
Logware (www.logware.us): a new and convenient web-based time tracking
application. Start
500 Invalid method signature:
(Ljava/lang/String;[Ljava/lang/String;)Ljava/lang/Object;
Invalid method signature:
(Ljava/lang/String;[Ljava/lang/String;)Ljava/lang/Object;
This electronic message transmission contains information from Collegiate
Funding Services, LLC or its
Yep...
http://www.cflib.org/codeView.cfm?ID=133
!//--
andy matthews
web developer
ICGLink, Inc.
[EMAIL PROTECTED]
615.370.1530 x737
--//-
-Original Message-
From: Matt Robertson [mailto:[EMAIL PROTECTED]
Sent: Friday, October 07, 2005 11:26 AM
To:
i find it quite easy to just do this:
#replaceNoCase(getEntries.username,form.searchTerm,'span
style=background:##dd#capFirst(form.searchTerm)#/span','all')#
basically just replacing the content of the value form.searchterm, in
the display
with the value and a pale yellow background.
tw
On
Hi-
I am having a severe problem with HTMLDOC.EXE. I am
using HTMLDOC to create PDF files in ColdFusion 5.0
using CFexecute via the cf_html2pdf custom tag.
It seems like the sequence of events I am seeing is
first I'll get timeouts:
Timeout period expired without completion of
I tend to agree with other responses. Image manipulation is available
in the underlying java
Java is not a panacea for CF users nor an excuse for any lack of some
tool in CF.
Many CF developers do not wish to learn and use Java.
Developers who really want to use Java would go JSP instead.
It
It means the server side business stuff doesn't need to care about
client side
layout at all
I agree, however, some programer had to develop the Javascript stuff at
some time. ;-)
--
___
REUSE CODE! Use custom tags;
See
Precisely my thoughts Claude. I don't know Java. I don't care to learn Java
(at this point). I just want a toolset in my favorite language, coldfusion.
!//--
andy matthews
web developer
ICGLink, Inc.
[EMAIL PROTECTED]
615.370.1530 x737
--//-
-Original
Hi,
Is there any way to execute multiple queries with ColdFusion MX 6.1
and Oracle Database 9i R2?
The cfquery tag seems to support a single query only ...
Thanks.
~|
Find out how CFTicket can increase your company's customer
The original message mentioned that image manipulation doesn't come with
php, but as a free community provided plugin. There has been code posted
many times on this list that does image manipulation. It is already or can
easily be converted to a cfc. Now, unless someone has a problem with the
I've done that Russ...I'm using Massimo's tmt_img.cfc. It works well. I
simply stated that I wished MM would include this functionality in
Coldfusion itself.
!//--
andy matthews
web developer
ICGLink, Inc.
[EMAIL PROTECTED]
615.370.1530 x737
--//-
There are many things that we'd like to see in CF...but with a little effort
you can write your own.
I mean heywouldn't it be nice if CF came with payment gateway tags?? ;-)
This is the power of CFif it don't come built in...you can build it
yourself with relative ease.
I might add I
On Friday 07 October 2005 15:14, Larry Lyons wrote:
A simpler way would be to create 2 styles, lets call one results1 and the
other results0
Simpler is what we do here- give the table the class 'sortable' or
'zebrastrip' and the common javascript code zebra strips it client-side, with
Can anyone give me a copy of CFMX6.1 seeing as you can no longer download it
from the MM site.
Russ
~|
Discover CFTicket - The leading ColdFusion Help Desk and Trouble
Ticket application
Sorry, it's the other way around. Oracle does not support multiple queries in
a query string. I fought this for a long time before I found an Oracle
blog/tech note/something that indicated you can't do multiple queries.
Stored procedures are probably the only way to go I think, but I've not
Yep...pretty sure with Oracle it's still single query onlybut not in SQL
Server ;-)
Bryan Stevenson B.Comm.
VP Director of E-Commerce Development
Electric Edge Systems Group Inc.
phone: 250.480.0642
fax: 250.480.1264
cell: 250.920.8830
e-mail: [EMAIL PROTECTED]
web:
I believe it goes more like We don't serve French fries here, but here is a
menu for the place next door, pick what you what, and we'll go and get it
for you. We'll even put it on the same bill... you'll never know that it
was from next door unless we told you.
Now what you are asking is for
Meaning SQL server is more vulnerable to SQL injection attacks.
Hmm... wonder what this does?
cfset url.parameter='1; drop table orders;'
cfquery name=qryname datasource=somedsn
Select * from items where itemId=#url.parameter#
/cfquery
-Original Message-
From: Bryan Stevenson
It wasn't as easy to find as it could be, but here is the download link for
Macromedia.
http://www.macromedia.com/cfusion/resourcecenter/resourcecenter.cfm?pagename=cfmx%20updaterloc=en%5Fus;
--
Ian Skinner
Web Programmer
BloodSource
www.BloodSource.org
Sacramento, CA
C code. C
Meaning SQL server is more vulnerable to SQL injection attacks.
Hmm... wonder what this does?
cfset url.parameter='1; drop table orders;'
cfquery name=qryname datasource=somedsn
Select * from items where itemId=#url.parameter#
/cfquery
How do you figure Russ? No matter what DB you use,
Cheers, I certainly couldn't find that
-Original Message-
From: Ian Skinner [mailto:[EMAIL PROTECTED]
Sent: 07 October 2005 18:54
To: CF-Talk
Subject: RE: CFMX 6.1 download
It wasn't as easy to find as it could be, but here is the download link for
Macromedia.
Hmm... wonder what this does?
cfset url.parameter='1; drop table orders;'
cfquery name=qryname datasource=somedsn
Select * from items where itemId=#url.parameter#
/cfquery
Makes a dba very unhappy (unless they were smart enough to use cfqueryparam ;-)
1 - 100 of 186 matches
Mail list logo
