What I ended up doing was the following:
1. use <cfqueryparam cfsqltype = "cf_sql_integer" value="#variable#">
This allows only 0-9 in the value. This stops injections.
2. use <cfqueryparam cfsqltype = "cf_sql_varchar" value="#variable#">
This allows only a-zA-Z0-9. This stops injections.
3...
Hi iamstillatwork
I am using cfqueryparam on all my SQL statements around my variables.
I am guessing this is the same as putting single quotes around them i.e. '#url.or1#' .
Will this protect me completely from SQL injection?
Also I am having a bit of a problem with the below ORDER BY...
Hi,
The following 2 lines fixed the problem. NS4.x & IE4.x are not both blind to my CSS.
<style type="text/css" media="all">@import "stylecss.css";</style>
<style type="text/css" media="print">@import "stylecssprn.css";</style>
Go and take a look at www.carsinlondon.com in NS4.x or IE4.x and...
Hi,
I have read on the internet about SQL Interjections and I have gone about as far as I can in checking my coldfusion web application.
I have 3 public files, that the public can access without being logged in.
I am wondering if there is any way to do sql interjections on the following...
Hi manarth ;
The whole idea in my post is to hide my CSS from IE4.01 so it will only display content. Also to have IE5.01, 5.5, 6.0SP1 see stylecss.css and stylecssprn.css .
I can use the following and that does the first part for me - hides my stylecss.css sheet from IE4.01.
<style...
Hi webmigit;
Well the code I posted has nothing to do with the sql interjection at all. I was just noting that I only have 3 files that the public can access, if they access other files and don't have Session.Auth set to YES then it will cflocation them to the login.cfm file.
I think listed...
Hi manarth;
I am not sure but you may have missed what I am trying to do. In my first post I stated "I am wanting to hide the CSS from IE4.01 so it will do the same thing."(do the same thing that ns4.x doesn't -- doesn't see the css and displays my pages with NO format from CSS).
I have now...
Hi Vragabond ;
Thanks for the link. I have seen those. I guess my problem is I have two different style sheets. One for print and one for screen. I need some way for everything above ns4.x and ie4.x to be able to get those 2 style sheets.
Right now I have a test page...
Hi vongrunt & Vragabond
vongrunt: Converting my site was quite easy. The site is like around 20 pages and I was already html 4.01 strict and I was like I noted following a lot of the xhtml 1.0 specs anyway. You say that XHTML 1.0 strict can slow things down a bit. How so?
Vragabond: I...
Hi Vragabond;
Yes I went ahead and changed the doctype and validated. No problems with the site at all.
My questions were as follows:
1) Also I would like to know about the following line.
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">. Should I put this line in? What does it...
Hi,
My website is testing on IE5.01, 5.5, 6.0SP1; NS6.2.3, 7.1, Mozilla 1.6; Firefox 0.8; Opera7 & Safari 1.2 . I am not supporting NS4.x or IE4.01.
I have all my presentation markup in css files and am not using tables except for tabular data.
I have made an ID called oldbrowsermessage and I...
Hi,
I have been wondering what to do with my site www.carsinlondon.com . Whether I should leave it html 4.01 strict or change the doctype to xhtml 1.0 strict.
I have converted my site and put all the semantics or presentation markup in a CSS file. I have gone from html 4.01 trans to strict. And...
Hi,
I have read on the internet about SQL Interjections and I have gone about as far as I can in checking my cf web application.
I have 3 public files, that the public can access without being logged in. The other backend files all have the following at the beginning of the file.
<CFIF...
xtendscott:
Well www.viux.com is $4.95/mon with 1GB 10email and 250MB and one DSN. They have the dll installed on their server already. The dll needs to be installed by your hosting company but that shouldn't be a problem.
newcow
varnix
google make a large submit button and look at the 2nd choice.
<INPUT TYPE="SUBMIT" VALUE="Demonstration only"
STYLE="font-family:sans-serif; font-size:large;
font-style:italic; background:#ff0 none; color:#000; width:10em">
moooooooooo
Hi,
I am having problems with my http://www.carsinlondon.com/inventory.cfm page on ie5.02/5.5.
The site width is setup as follows:
<div id="content"> width:650px
<div id="graphicheader"> border:1px
</div>
<div id="container1"> bg:pink; padding:8px; border:1px
<div id="container2"> width:640px...
Seems like I am the only one posting on this thread but anyway here I go again.
I have 3 queries now, you can see them above, and they are working fine. The 3 queries fill in vehicles on the right side of this page http://www.carsinlondon.com/pcardetail.cfm under Other #Model#, Other #Make# and...