How about if someone types in "drop table x" where x is the name of your
table?
Anyways, what about apostrophies? are they using those? If so, remember
that CF doesn't naturally put them as SQL apostrophies - which is what
PreserveSingleQuotes() is for
-----Original Message-----
From: brob [mailto:[EMAIL PROTECTED]
Sent: Monday, November 10, 2003 6:12 PM
To: CF-Talk
Subject: Dynamic SQL
Hey guys I am allowing user to run SQL scripts by typing them into a
textarea and submitting them. But for ome reason i keep on getting some
syntax error, even though I did an output test of the script on the page
and the script looks alright. Any hints? thanks
_____
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
