Or at the very least write some generic code in Application.cfm/Application.cfc that inspects the form, url and cookie scopes and strips out anything suspicious like SQL statements. That would only be a half measure though. The queries need to be changed to use cfqueryparam.
On Jan 23, 2008 11:38 AM, Tom Chiverton <[EMAIL PROTECTED]> wrote: > On Wednesday 23 Jan 2008, [EMAIL PROTECTED] wrote: > > anything else I can do to tighten this issue down? Just want to make > sure. > > Have you reviewed every other cfquery in the app ? > > -- > Tom Chiverton > Helping to heterogeneously envisioneer leading-edge architectures > on: http://thefalken.livejournal.com > > **************************************************** > > This email is sent for and on behalf of Halliwells LLP. > > Halliwells LLP is a limited liability partnership registered in England > and Wales under registered number OC307980 whose registered office address > is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. > A list of members is available for inspection at the registered office. Any > reference to a partner in relation to Halliwells LLP means a member of > Halliwells LLP. Regulated by The Solicitors Regulation Authority. > > CONFIDENTIALITY > > This email is intended only for the use of the addressee named above and > may be confidential or legally privileged. If you are not the addressee you > must not read it and must not use any information contained in nor copy it > nor inform any person other than Halliwells LLP or the addressee of its > existence or contents. If you have received this email in error please > delete it and notify Halliwells LLP IT Department on 0870 365 2500. > > For more information about Halliwells LLP visit www.halliwells.com. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:297137 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
