J E VanOver wrote:
> Yes, preservesinglequotes will protect you from apostrophes.

If by apostrophe you mean single quote (ASCII 34), it won't.

> BUT <CFQUERYPARAM> is even better -- it will protect you from ANY
> potentially dangerous characters.

Indeed. I wish there was some option to set in the administrator
that would validate all queries and simply throw an exception if
there were variables outside a cfqueryparam. Similar to the
option we had to throw exceptions at unlocked shared scope variables.

Jochem

--
I don't get it
immigrants don't work
and steal our jobs
     - Loesje
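
An added example, not part of the original message: one way to approximate the check wished for above is to scan CFML source for #expressions# that sit inside a cfquery body but outside any cfqueryparam tag. The Python function name, the regular expressions, and the sample template are all assumptions constructed for illustration; a real CFML parser would handle nested hashes and '>' inside attribute values, which this sketch does not.

```python
import re

# Approximate CFML patterns (assumption: tag attributes contain no '>' character).
CFQUERY = re.compile(r"<cfquery\b[^>]*>(.*?)</cfquery\s*>", re.I | re.S)
CFQUERYPARAM = re.compile(r"<cfqueryparam\b[^>]*>", re.I)
CF_COMMENT = re.compile(r"<!---.*?--->", re.S)
HASH_EXPR = re.compile(r"#([^#\r\n]+)#")  # a #expression# spliced into the SQL text


def _blank(match):
    # Overwrite with spaces but keep newlines, so offsets still map to source lines.
    return re.sub(r"[^\n]", " ", match.group(0))


def find_unbound(source):
    """Return (line, expression) for every #...# in a cfquery body that is
    not inside a cfqueryparam tag, i.e. is concatenated into the SQL string."""
    findings = []
    for query in CFQUERY.finditer(source):
        body = CF_COMMENT.sub(_blank, query.group(1))
        body = CFQUERYPARAM.sub(_blank, body)   # bound values are fine
        body = body.replace("##", "  ")         # '##' is an escaped literal '#'
        for expr in HASH_EXPR.finditer(body):
            offset = query.start(1) + expr.start()
            line = source.count("\n", 0, offset) + 1
            findings.append((line, expr.group(1).strip()))
    return findings


# Constructed sample template (not from the original thread).
SAMPLE = '''<cfquery name="q1" datasource="#dsn#">
  SELECT id FROM users
  WHERE name = '#PreserveSingleQuotes(form.name)#'
    AND dept = <cfqueryparam value="#form.dept#" cfsqltype="cf_sql_varchar">
</cfquery>
<cfquery name="q2" datasource="#dsn#">
  SELECT id FROM users WHERE id = <cfqueryparam value="#form.id#" cfsqltype="cf_sql_integer">
</cfquery>
<cfquery name="q3" datasource="#dsn#">
  SELECT id FROM orders WHERE ref = #url.ref# <!--- was #url.old# --->
</cfquery>
'''

if __name__ == "__main__":
    for line, expr in find_unbound(SAMPLE):
        print(f"line {line}: #{expr}# is outside <cfqueryparam>")
```

Run as a pre-commit or build step, a non-empty result can fail the build, which gives the "throw an exception" behaviour at review time rather than at runtime.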