Beth
Well, I'm not well apprised of these things but the help
says this so I'm not sure how dangerous that would be.
Bryan
Maximum length of parameter. Ensures that the length check is done by ColdFusion before the string is sent to the DBMS, thereby helping to prevent the submission of malicious strings.
Something new every day. Thanks!
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Beth Bowden
Sent: Tuesday, September 12, 2006 8:07 AM
To: [email protected]
Subject: Re: [Reactor for CF] isLike on integer column
It may be related to the fix for ticket no. 49 (http://trac.reactorframework.org/reactor/ticket/49). reactor adds a wildcard before and after the value passed to it. Perhaps, the thing to do is omit the maxlength for like queryparams. This would allow you to pass something like "abc%123%def".
Thoughts?
Beth
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Reactor for ColdFusion Mailing List
[email protected]
Archives at: http://www.mail-archive.com/reactor%40doughughes.net/
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Reactor for ColdFusion Mailing List
[email protected]
Archives at: http://www.mail-archive.com/reactor%40doughughes.net/
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
