I was under the impression that CFQUERYPARAM took care of all of the SQL injection possibilities.
------ All that I know of, but I understand hacker types to often be very creative and intelligent people. I always assume that they have, or will someday, figure out new attacks. The hope being that the attacks are so convoluted and time consuming to usually not be worth it. -------------- Ian Skinner Web Programmer BloodSource www.BloodSource.org Sacramento, CA --------- | 1 | | --------- Binary Soduko | | | --------- "C code. C code run. Run code run. Please!" - Cynthia Dunning Confidentiality Notice: This message including any attachments is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender and delete any copies of this message. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:249030 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
