Heh. I'm doing some work for a company and am modifying an existing CF app. I used to think I was just another decent but generally run of the mill developer, but after seeing the code that highly paid consultants churn out (including absolutely no use of cfqueryparam), I have no choice but to call myself a coding God who is indeed at the top of his game.
Pete

On 4/26/06, James Holmes <[EMAIL PROTECTED]> wrote:
> As I thought (and you pointed out), they failed to use cfqueryparam.
> It still amazes me that anyone would consider this a good idea.
>
> On 4/26/06, Munson, Jacob <[EMAIL PROTECTED]> wrote:
> > Those of you that use CartWeaver for CF should be aware that some SQL
> > injection holes have been found. Check out my blog entry for details:
> > http://www.techfeed.net/blog/index.cfm/2006/4/26/cartweaver-holes
>
> --
> CFAJAX docs and other useful articles:
> http://jr-holmes.coldfusionjournal.com/

