Interesting question:
<!--- <cfif isdefined('url.dimension')>
<cfquery name="test" datasource="#DB#" username="#USER#" password="#PASS#">
select age,size
from accessories
where age='#url.age#' and visible=1
</cfquery></cfif> --->
This is commented query in the code: Do any of you think if can process
commented? I dont think so. But I am curious these hackers can do crazy
stuff. Probably I will get an answer put in the commented query cfqueryparam
or delete it :)
Radek
On Thu, Jul 24, 2008 at 2:33 PM, Dave Watts <[EMAIL PROTECTED]> wrote:
> > So if I wont use maxlenght still it is gonna be secured?
>
> Yes.
>
> Dave Watts, CTO, Fig Leaf Software
> http://www.figleaf.com/
>
> Fig Leaf Software provides the highest caliber vendor-authorized
> instruction at our training centers in Washington DC, Atlanta,
> Chicago, Baltimore, Northern Virginia, or on-site at your location.
> Visit http://training.figleaf.com/ for more information!
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;203748912;27390454;j
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:309743
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
