Single quotes would screw your sql all up man.
----- Original Message -----
From: "Raymond Camden" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Monday, August 27, 2001 11:08 PM
Subject: RE: Encryption differences in ColdFusion 4.5 and 5.0?
> > The issue with the out-of-the-box ColdFusion encrypt/decrypt functions
is
> > that it doesn't limit itself to "safe" characters when doing the
> > encrypting.
> > Specifically, there's the possibility that the encrypt() function will
> > generate an encrypted string with single quotes ('), spaces ( ),
> > pound signs
>
> But don't you mean unsafe in regards to forms/sql, which is a different
> subject? I mean, what about my argument that even RepeatString can make a
> string that isn't safe for forms or sql. Does that make sense? In other
> words, I don't see it as an issue.
>
> =======================================================================
> Raymond Camden, Principal Spectra Compliance Engineer for Macromedia
>
> Email : [EMAIL PROTECTED]
> Yahoo IM : morpheus
>
> "My ally is the Force, and a powerful ally it is." - Yoda
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
