At 12:21 PM 1/23/03 +0100, you wrote: >Quoting paul smith <[EMAIL PROTECTED]>: > > > > For some time, I have run the main listing database at > > www.SMARTERyellowpages.com as read-only, being more than a little paranoid > > about it. Obviously, this means the queries are read only. > >How have you set the database to read-only?
Using MS SQL7 Enterprise Manager. > > But this complicates updating the database, which I do every 24 > > hours. Since so many queries are cached, CFQUERYPARAM is of no help in > > preventing SQL Injection. The vast majority of these are amenable to using > > VAL to prevent SQL Injection. > > > > What are your thoughts on not having the database read-only, or any other > > related issues, and (me, not users) being able to update a running > > database? > >Just some thoughts: >- query caching does not necessarily have to happen through the cfquery tag Are you referring to normal DB caching? >- you could use multiple logins to the database, a readonly login and a normal >one for instance Tell me more. >- use something not CF to update the database Such as? best, paul >Jochem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
