: cfaussie@googlegroups.com
Subject: *SPAM* RE: [cfaussie] CF 11 and SQL injection
Thanks Charlie.
Interesting only your replies come through maked as spam. I have had other
replies to this question from other users with no issues.
Maybe your mail client thinks I work for Microsoft
ehart"
Sent: Thursday, 28 May 2015 2:31 AM
To: cfaussie@googlegroups.com
Subject: RE: [cfaussie] CF 11 and SQL injection
No, that’s one of the problems with relying on cfqueryparam for sql injection.
To be clear, this is NOT its job. People rely on it basically as a hack. It
only works wh
No, that’s one of the problems with relying on cfqueryparam for sql injection.
To be clear, this is NOT its job. People rely on it basically as a hack. It
only works when you set the type to something like CF_SQL_INTEGER, because the
incoming value is supposed to be a number, in which case it th
to pass any SQl injection test.
>
> Brian
>
>
>
> --
> *From*: "Ricardo Russon"
> *Sent*: Wednesday, 27 May 2015 7:53 AM
>
> *To*: cfaussie@googlegroups.com
> *Subject*: Re: [cfaussie] CF 11 and SQL injection
>
> If you
: cfaussie@googlegroups.com
Subject: Re: [cfaussie] CF 11 and SQL injection
If you aren't on a windows box, then you can also look into fail2ban.
On Wed, May 27, 2015 at 7:45 AM, M@ Bourke
wrote:
You should also use the OWASP library which I believe is included in later
versions of
>> *From*: "Ricardo Russon"
>> *Sent*: Tuesday, 26 May 2015 7:53 PM
>> *To*: cfaussie@googlegroups.com
>> *Subject*: Re: [cfaussie] CF 11 and SQL injection
>>
>> cfqueryparam?
>>
>> Is there something more specific y
eryparam the only measure thatis currently recommended/
>
> Brian
>
>
>
> --
> *From*: "Ricardo Russon"
> *Sent*: Tuesday, 26 May 2015 7:53 PM
> *To*: cfaussie@googlegroups.com
> *Subject*: Re: [cfaussie] CF 11 and SQL injection
>
&g
ubject: Re: [cfaussie] CF 11 and SQL injection
cfqueryparam?
Is there something more specific you are having an issue with?
On Tue, May 26, 2015 at 7:33 PM, Brian Knott wrote:
Guys what’s the best way to handle SQL injection in CF 11.
Brian
--
You received this message b
cfqueryparam?
Is there something more specific you are having an issue with?
On Tue, May 26, 2015 at 7:33 PM, Brian Knott wrote:
> Guys what’s the best way to handle SQL injection in CF 11.
>
>
>
> Brian
>
> --
> You received this message because you are subscribed to the Google Groups
> "cfaus