I also use this to get the new key on inserted records, and have used
cfqueryparam for years to protect against this sort of attack, and for
performance reasons.
Functionality shouldn't be sacrificed just to protect careless developers
from themselves.
John
-Original Message-
From: Dave
Google is your friend, or enemy depending on how you look at it.
http://people.langeconsulting.com/matt/
-Original Message-
From: Tom Chiverton [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 16, 2007 11:42 AM
To: CF-Talk
Subject: Re: SYS-Con relies on "dead" technology
On Tuesday 16
and about whether Cost is truly a Boolean...
-Original Message-
From: Rob Wilkerson [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 22, 2007 3:15 PM
To: CF-Talk
Subject: Re: Just a tidbit for those who might not have use iif before
Uh oh. You're probably about to get hammered with
Is it possible there is a problem with the CFIDE mapping, or some little
error in the code.
In the code you have
https://www.aaintl.com/includes/cfform.js can be downloaded by putting in
the direct url, but Both
https://www.aaintl.com/CFIDE/scripts/cfform.js and
https://www.aaintl.com/CFIDE
I had the same problem on a send this page to a friend page on some of the
sites I work on. I used the code from this post at
http://mkruger.cfwebtools.com/index.cfm?mode=entry&entry=7014B27C-90BC-3F1C-
AA33571605423A48 along with the trimFalseEmailHeaders UDF at cflib.org. See
http://www.cflib.org
Another question might be how they are currently doing client variable
storage. I think it is currently set to the registry. It would be nice to
have the option to set it to your db.
John
-Original Message-
From: Ken Ketsdever [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 09, 2006 12:23 P
Not to beat a dead horse, but ask them about cfqueryparam and sql server on
their shared hosting. Currently it fails with a security error.
John
-Original Message-
From: Ken Ketsdever [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 09, 2006 12:23 PM
To: CF-Talk
Subject: RE: Coldfusion with
> -mark
>
>
> -Original Message-
> From: Snake [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 05, 2006 11:57 AM
> To: CF-Talk
> Subject: RE: Coldfusion with Godaddy
>
> That's interesting, we have no such problem on our SQL servers,
> CFQUERYPARAM wor
ints to make about
this tag. I'm sure you can marshal some resources to prove your point. Good
luck :)
-Mark
-Original Message-
From: John Rossi [mailto:[EMAIL PROTECTED]
Sent: Friday, May 05, 2006 12:48 PM
To: CF-Talk
Subject: RE: Coldfusion with Godaddy
I am going to reopen
I am going to reopen the incident with your explanation of the issue and see
what happens. I made the mistake of replying to the incident while my blood
was boiling after the tech told me that if I just remove the line of code
causing the error the code would work. So my explanation was probably no
m on our SQL servers, CFQUERYPARAM
works fine, and every user only has access to their own database.
-Original Message-
From: John Rossi [mailto:[EMAIL PROTECTED]
Sent: 05 May 2006 17:47
To: CF-Talk
Subject: RE: Coldfusion with Godaddy
That's not entirely true. They do not, at least t
That's not entirely true. They do not, at least they told me they can't
allow me to use cfqueryparam with sql server in shared hosting.
Here's the final response I got from them.
After further researching the issue(s) at hand, we have determined the
following:
The line "EXECUTE permission denied
That's possibly what she is doing considering that was my IP address
she just posted. I went to her domain based on her email address. Did a view
source, and look at one or two of the hidden links. I am definitely not a
spammer.
John Rossi
Webmaster/Network Administrator
Bernier & Associ
I emailed my old ISP last year to complain about their open relay, since I was getting
bounced emails, and they had no idea what an open relay was even when I pointed them to
relevant info. So while incompetent is a strong word it can be appropriate in certain
instances.
John
-Origin
14 matches
Mail list logo