For my specific implementation, I decided to use a combination approach.
 Remembering this is an attempt to mitigate SQL injection exploits, I check
for select or declare in the query string.  I realized forms posed a
slightly different problem, as I have many users posting long text data that
often contains some form of those words.  For the forms I check for an
instance of both select and declare and send an email alert to myself with
the pertinent data.  I can control this at the granular level as the values
are assigned to an attributes structure I use for processing, letting me
replace the values or further analyze possible exploit attempts.

I did end up using the regex for the query strings, but as always, no one
solution is the perfect fit.

Thanks,
Brian Cain

On Tue, Oct 11, 2011 at 12:52 PM, Brook Davies <cft...@logiforms.com> wrote:

>
> Wouldn't this also catch words like 'myselection'?
>
> Brook
>
> -----Original Message-----
> From: Matt Quackenbush [mailto:quackfu...@gmail.com]
> Sent: October-11-11 7:16 AM
> To: cf-talk
> Subject: Re: Check for list of words in string
>
>
> Regular expressions.
>
> if ( reFindNoCase("(select|declare)",myString) > 0 ) {
>     // at least one of the words is present
> }
>
> HTH
>
>
> On Tue, Oct 11, 2011 at 9:11 AM, Brian Cain <bcc9...@gmail.com> wrote:
>
> >
> > Hello all,
> >
> > I would like to check a string against a list of keywords and either
> > null the string or replace the keywords if found.
> >
> > Over the past couple of weeks someone has been probing my sites for
> > SQL injection vulnerabilities.  I have used queryparams and other
> > types of validation, but I fear I may have missed something.  I am
> > using an old version of formurl2attributes that has been modified over
> > the years.  My thought is to check the attributes list at the end of
> > the custom tag, and look for some of the common SQL injection keywords
> > there and mitigate their effectiveness.
> >
> > So in short, how do I search for keywords like "select,declare" in a
> > string without looping over the keywords?
> >
> > Thanks,
> > Brian Cain
> >
> >
>
>
>
> 
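The thread's three pieces (Brian's "search without looping", Matt's alternation regex, and Brook's 'myselection' false positive) fit in one small example. The code below is an added illustration written in Python rather than CFML so it can be run directly; it is not code from the list or from any of the posters. The keyword list, the `[removed]` replacement text and the sample inputs are all constructed for the demo; only "select" and "declare" come from the thread.

```python
import re

# Constructed keyword list for the demo; the thread names only these two words.
KEYWORDS = ("select", "declare")


def build_pattern(keywords=KEYWORDS, word_boundary=True):
    """Build one case-insensitive alternation from the keyword list.

    Joining the list into a single regex is what lets one search call
    replace a loop over the keywords. With word_boundary=True the
    alternation is wrapped in \\b...\\b so 'myselection' no longer matches.
    """
    alternation = "|".join(re.escape(k) for k in keywords)
    if word_boundary:
        return re.compile(rf"\b(?:{alternation})\b", re.IGNORECASE)
    return re.compile(rf"(?:{alternation})", re.IGNORECASE)


def contains_keyword(text, keywords=KEYWORDS, word_boundary=True):
    """True if at least one keyword occurs (the rule applied to query strings)."""
    return build_pattern(keywords, word_boundary).search(text) is not None


def found_keywords(text, keywords=KEYWORDS):
    """Lower-cased set of the distinct keywords present in text."""
    pattern = build_pattern(keywords, word_boundary=True)
    return {m.group(0).lower() for m in pattern.finditer(text)}


def contains_all_keywords(text, keywords=KEYWORDS):
    """True only if every keyword occurs (the stricter rule for free-text form fields)."""
    return found_keywords(text, keywords) == {k.lower() for k in keywords}


def redact_keywords(text, keywords=KEYWORDS, replacement="[removed]"):
    """Replace whole-word keyword hits; used when a value is rewritten rather than nulled."""
    return build_pattern(keywords, word_boundary=True).sub(replacement, text)


if __name__ == "__main__":
    # Constructed sample inputs: a benign form value, a benign word that
    # merely contains 'select', and a query-string value with a bare keyword.
    samples = [
        "I would select the declare-variables option",
        "myselection",
        "id=1; DECLARE @n int",
    ]
    for s in samples:
        print(repr(s),
              "naive:", contains_keyword(s, word_boundary=False),
              "bounded:", contains_keyword(s),
              "all:", contains_all_keywords(s))
```

The `\b` anchors remove Brook's false positive but keep matches such as `select(` or `declare;`, because punctuation is a word boundary. Keyword screening of this kind only flags obvious probes and is easy to evade, so it belongs beside the parameterized queries (`cfqueryparam`) Brian already uses, as an alerting signal rather than the primary control.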

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348054
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm