Skip to main content
S
ssailer
Inspiring
January 27, 2009
Question

Verity search results showing SQL code

  • January 27, 2009
  • 1 reply
  • 1401 views
This site is still in development and that's why the domain hasn't transferred yet: http://financial-strategist.dataride-previews.com/index.cfm. If you perform a search for the word business, for example, some of the search results display the SQL query code. How can I eliminate this from being included in the search results?

My results page is as follows:
<cfsearch
name = "fs_search"
collection = "fsdocs, affdocs, bodocs, profdocs, wibdocs"
criteria = "#Form.Criteria#"
maxrows = "35">

<CFOUTPUT QUERY="fs_search">
<a href="#url#"><strong>#Title#</strong></a> <br>
#Summary# <br />
<br />
</CFOUTPUT>
This topic has been closed for replies.

1 reply

F
Fetch
Participating Frequently
January 28, 2009
I found a similar problem on Experts-Exchange, seen here:

http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/Cold_Fusion_Markup_Language/Q_23842771.html

Basically, the solution was to strip the HTML when populating the verity collection.
A
Anonymous
April 22, 2009

I am having the same issue. It does not look good when a search returns code like "select * from catagory...." in the search result page.

I looked at the expert exchange solution but it only strips the tags/html so basically the <cfquery> .. part is removed but the actual query "select * ... " still shows up on the results.

How can we remove such sql codes totally?

A
Anonymous
April 28, 2009

I'm surprised that I haven't been able to get any pointers on this.

Searching is an important part of site design and if CF is showing sql codes then it's not good from security standpoint.

I need to fix this! Anyone have any suggestions?

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices