It's a one time query that she's using to insert data into the db initially. Unless she left that page open for anyone to access no real need to secure it in that fashion. Of course doesn't hurt, just saying from the sounds of her post it will only be used ONCE, by her. Of course I would just do it directly in SQL and bypass CF all together.
Al Musella, DPM wrote: > NO!!!! > Haven't you been reading the zillions of messages > on sql injection? This is an open invitation that says HACK ME! > even with snippets - we should all get into the habit of adding cfqueryparam.. > > I am not sure of the details of his database > structure, but someplace he may need a states table: > StateID > State name > State Abbreviation > > > > At 11:11 AM 8/18/2008, you wrote: > > >> Melissa, >> >> This would be in your Query statement. >> >> Insert INTO STATES >> Where State = '#URL.State#' >> >> David G. Moore, Jr. >> UpstateWeb LLC> Subject: Re: Creating a database >> with repeated information> From: >> [EMAIL PROTECTED]> To: [email protected]> >> Date: Mon, 18 Aug 2008 11:05:02 -0400> > Thanks >> for the welcoming answers. :) I am relatively >> new to ColdFusion, but I may have misstated my >> question; it's not the pulling information from >> the database I'm not sure how to do, it's the >> setting the database up (efficiently) in the >> first place.> > I figure each record will need >> five fields: the ubiquitous auto-incremented ID, >> the page title, the page content, then the state >> and the page name (to call in from the URL, like >> index.cfm?page=about&state=VA).> > Since all the >> states will have the same set of ten pages to >> start, it seems that one should be able to use a >> cfloop of insert statements. Where I get jammed >> up is figuring out how to tell it what state to >> insert in the state field. Would it need to be a >> long cfswitch saying if i=1 the state is AL, if >> i=2 the state is AK, etc.?> > Thanks again! > > >> >> >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:311197 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
