SQL Injection

Forum|Forum|19 years ago
April 11, 2007
1 reply
224 views

Is there the way to prevent the hacker by putting some thing from the where clause on the SQL statement?

Thanks

Advanced techniques

This topic has been closed for replies.

D

Dan_Bracuk

Inspiring

go to cflib.org and look up the safetext function. It will give you a good start. It will also help protect you from cross site scripting.

Use of cfqueryparam has a lot of benefits, including this. If you can't use that, run some other function on anything the users can send you. The actual functions depend on the datatype of the field.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded