Use CFQUERYPARAM 


-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 23, 2003 6:21 AM
To: CF-Talk
Subject: Re: CF & Database Options


Quoting paul smith <[EMAIL PROTECTED]>:
> 
> For some time, I have run the main listing database at
> www.SMARTERyellowpages.com as read-only, being more than a little paranoid
> about it.  Obviously, this means the queries are read only.

How have you set the database to read-only?


> But this complicates updating the database, which I do every 24
> hours.  Since so many queries are cached, CFQUERYPARAM is of no help in
> preventing SQL Injection.  The vast majority of these are amenable to using
> VAL to prevent SQL Injection.
> 
> What are your thoughts on not having the database read-only, or any other 
> related issues, and (me, not users) being able to update a running
> database?

Just some thoughts:
- query caching does not necessarily have to happen through the cfquery tag
- you could use multiple logins to the database, a readonly login and a normal one for instance
- use something not CF to update the database

Jochem
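
The options raised in this thread, combined in one sketch; this is an added example, not code posted by anyone on the list. The datasource names, table, columns and URL/FORM fields are assumptions made for illustration.

```cfml
<!--- Assumed names: datasources "listings_ro" (SELECT-only database login)
      and "listings_rw" (normal login), table "listings", and the
      URL/FORM fields used below. --->

<!--- Public, cached lookup over the read-only login.
      Val() returns the leading numeric part of its input, or 0 if there
      is none, so only a number is ever interpolated into the SQL text. --->
<cfparam name="url.categoryID" default="0">
<cfset categoryID = Val(url.categoryID)>

<cfquery name="getListings" datasource="listings_ro"
         cachedwithin="#CreateTimeSpan(0, 1, 0, 0)#">
    SELECT listing_id, business_name, phone
    FROM   listings
    WHERE  category_id = #categoryID#
</cfquery>

<!--- Maintenance update over the normal login.
      This query is not cached, so every value is bound with
      CFQUERYPARAM, including the string that Val() could not protect. --->
<cfquery name="updateListing" datasource="listings_rw">
    UPDATE listings
    SET    business_name = <cfqueryparam value="#form.businessName#"
                                         cfsqltype="cf_sql_varchar"
                                         maxlength="100">
    WHERE  listing_id    = <cfqueryparam value="#form.listingID#"
                                         cfsqltype="cf_sql_integer">
</cfquery>
```

Val() only covers numeric parameters; a cached query that takes string input needs a different control, such as validating the value against a fixed list before it is used.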
