Maybe it's happening in code. Do a search for the variable and make sure you don't find something like:
<cfset COOKIE.something = "a" & COOKIE.something> Stranger things have happened :OD Adrian > -----Original Message----- > From: Qing Xia [mailto:[email protected]] > Sent: 14 May 2009 21:33 > To: cf-talk > Subject: Re: my cfqueryparam grievance > > > Ah yes! You are right--that ID value, after being returned in the query > recordset, does get set in cookie scope, and that is where my > cfqueryparam > tag gets it from, in cookie scope. > > So, yeah, it is possible that users could have manipulated that cookie > value... But then, with so many users (i must have had a couple dozen > error > messages at least, and they are from different legitimate users) all > generating the same error message, it seems unlikely that they all > changed > their cookie to the same value. > > On Thu, May 14, 2009 at 4:01 PM, Adrian Lynch > <[email protected]>wrote: > > > > > I thought you said it was a cookie value? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:322533 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
