Kevin, Looks like Ian answered your question about datasource creation. I would definitely recommend separating out any DSN that has "godlike" (root) powers and protecting it more than other DSNs. A separate DB user account should probably be used, and it would not be entirely inappropriate to force the user to enter the password for this account each time they try to use it. Assuming you are only creating databases every now and then, and that the people creating them know the password - this prevents you from having to enter a root password into the code or into the CF administrator and better protects this account that has powers to create databases (and probably more).
-Cameron On 1/2/06, Kevin Hall <[EMAIL PROTECTED]> wrote: > Cameron, > That's pretty cool. I like that it will allow for fewer cfquery tags when you > are always executing a series of SQL statements together. Is the concern > about SQL injection attacks serious enough to avoid doing this? I was > thinking that creating a seperate datasource in CF Administrator with the > allowMultiQueries=true added just for those situations where I use mutiple > statements and then not using any user inputs in those queries would help > protect against this. > > I'm still stuck on how to create a database using a cfquery and then create > tables in that database without going into CF Administrator to manually > specify a datasource for the new databases (using CF MX 7). Any advice on how > this can be done would be really appreciated. > > Thanks, > Kevin Hall > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Purchase Dreamweaver with Homesite Plus from House of Fusion, a Macromedia Authorized Affiliate and support the CF community. http://www.houseoffusion.com/banners/view.cfm?bannerid=54 Message: http://www.houseoffusion.com/lists.cfm/link=i:6:2426 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/6 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:6 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.6 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
