CF9 License Resale Value

2013-07-21 Thread Michael David 

Hello...

I have a handful on CF9 licenses to get rid of. I also have one CF9 
upgrade serial along with the original serial from the previous version. 
These are NOT academic licenses, and I am the original purchaser on all.

What are these things worth?

--
Cheers!

Michael David


~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:356259
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm

Re: CF9 License Resale Value

2013-07-21 Thread Russ Michaels 

Stick them on ebay.

Russ Michaels
www.michaels.me.uk
cfmldeveloper.com
cflive.net
cfsearch.com
On 21 Jul 2013 14:41, Michael David li...@michaeldavid.com wrote:


 Hello...

 I have a handful on CF9 licenses to get rid of. I also have one CF9
 upgrade serial along with the original serial from the previous version.
 These are NOT academic licenses, and I am the original purchaser on all.

 What are these things worth?

 --
 Cheers!

 Michael David


 

~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:356260
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm

Hack Attempt on our database last night

2013-07-21 Thread Dave Hatz 

We had someone trying to hack our system last night and I would like to know 
what he was trying to get.  Seems one of our new Junior programmers didn't use 
CFQUERYPARAM and allowed this param into the query string.  Needless to say, I 
will be having a nice long chat with him when he gets into the office tomorrow. 
 

How do I decode what this is?  Is there a tool or site that will convert this 
for me?

99.9 /*!3union all select 
0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536*/--
 

~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:356261
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm

CFQueryParam

2013-07-21 Thread Dave Hatz 

I know using cfqueryparam helps with hack attempts on your database and it 
helps performance for the execution of the queries.  

Question, does using the cfqueryparam help with performance on the ORDER BY 
clause?  One some of our pages we give the user the ability to change the sort 
order of the data being displayed.  But, we do not use CFQUERYPARAM on the 
ORDER BY clauses.  

Thanks,
Dave Hatz 

~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:356262
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm

Re: CFQueryParam

2013-07-21 Thread Wil Genovese 

No, cfqueryparam does not work in the order by clause.

However, when using url params passed to a query for altering the order I use 
if/then logic to set the order by clauses to prevent SQLi.

if (url.sortby EQ 'D') { orderby mycolum desc } else { order by mycolumn ASC }

THis is a simple and effective way to prevent SQLi in the order by clauses.
 


Wil Genovese
Sr. Web Application Developer/
Systems Administrator
CF Webtools
www.cfwebtools.com

wilg...@trunkful.com
www.trunkful.com

On Jul 21, 2013, at 12:50 PM, Dave  Hatz daveh...@hatzventures.org wrote:

 
 I know using cfqueryparam helps with hack attempts on your database and it 
 helps performance for the execution of the queries.  
 
 Question, does using the cfqueryparam help with performance on the ORDER BY 
 clause?  One some of our pages we give the user the ability to change the 
 sort order of the data being displayed.  But, we do not use CFQUERYPARAM on 
 the ORDER BY clauses.  
 
 Thanks,
 Dave Hatz 
 
 

~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:356263
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm

Re: Hack Attempt on our database last night

2013-07-21 Thread Justin Scott 

There was some discussion about a very similar injection on Stack
Overflow which may be useful:

http://stackoverflow.com/questions/4600954/site-has-been-hacked-via-sql-injection


-Justin



On Sun, Jul 21, 2013 at 1:33 PM, Dave  Hatz daveh...@hatzventures.org wrote:

 We had someone trying to hack our system last night and I would like to know 
 what he was trying to get.  Seems one of our new Junior programmers didn't 
 use CFQUERYPARAM and allowed this param into the query string.  Needless to 
 say, I will be having a nice long chat with him when he gets into the office 
 tomorrow.

 How do I decode what this is?  Is there a tool or site that will convert this 
 for me?

 99.9 /*!3union all select 
 0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536*/--

 

~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:356264
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm