I would think that you could write your own variable sanitizer to make up for the lack of cfqueryparam...
WHERE ID = <cfx_sanitize type="varchar" maxLength="7" value="#form.myVar#" /> Anyone done something like that? -----Original Message----- From: Rick Faircloth [mailto:[EMAIL PROTECTED] Sent: Monday, December 11, 2006 4:49 PM To: CF-Talk Subject: RE: What's the name of that CF server... IgniteFusion certainly looks good on the website at initial glance... - It's Free - Custom Tags - UDFs - CFCs - Application and Session Scoping - Stored Procedure Support - Good database compatibility - Small Footprint (2MB) Hmmm.... doesn't support cfqueryparam, however... I've been using that forever... does everyone still consider that imperative for security? Doesn't use CFSchedule, but Windows Scheduler can take care of that. Doesn't support LSParseCurrency ... problem... Doesn't support LSParseNumber ... problem... (Could Regex's take the place of those fuctions?) Everything else I can live without... Sounds pretty good... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:263707 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
