It's the ColdFusion version of the best way, in any programming language, to prevent SQL injection and ensure correct datatypes - bind parameters. You should have been using them in ASP.net too.
On 11/2/07, Rick Sanders <[EMAIL PROTECTED]> wrote: > Thanks for your feedback, > > I'm an ASP.net & XML programmer and new to Cold Fusion. I'll definitely look > into the cfqueryparam since it seems to be the best "Cold Fusion" way to > control user input, and not have your queries break down. > > Kind regards, > > Rick Sanders > Webenergy > Canada: 902-401-7689 > USA: 919-799-9076 > Canada: www.webenergy.ca > USA: www.webenergyusa.com > > > -----Original Message----- > From: Ben Doom [mailto:[EMAIL PROTECTED] > Sent: November-01-07 12:10 PM > To: CF-Talk > Subject: Re: Replacing Strings > > Not to put too fine a point on it, but if this data is coming directly > from an end user, it would probably be in your best interest to add the > <cfqueryparam> anyway. It does quite a bit more than just quote > escaping. Definitely a best practice recommendation. > > --Ben Doom > > Rick Sanders wrote: > > Didn't think of that, but it's less code to do a replace than the > > cfqueryparam. > > > > > > Rick Sanders > > Canada: 902-401-7689 > > USA: 919-799-9076 > > Canada: www.webenergy.ca > > USA: www.webenergyusa.com > > > > > > -----Original Message----- > > From: Dana Kowalski [mailto:[EMAIL PROTECTED] > > Sent: November-01-07 11:42 AM > > To: CF-Talk > > Subject: Re: Replacing Strings > > > > are you using cfqueryparam's on your query? It should escape them on its > own > > I would think. > > > > > > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| ColdFusion 8 - Build next generation apps today, with easy PDF and Ajax features - download now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:292523 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
