home Links Articles Books Past Meetings Photos SiteMap
The MDCFUG is sponsored by TeraTech. Visit us at www.TeraTech.com

Please send
comments/questions to

michael@
teratech.com

 
Page Validation

Page Validation

  • URL and Form parameters used in SQL

    • SELECT * FROM EMP WHERE ID = #USERID#
    • Extra SQL commands on SQL Server
      http://myserver/page.cfm?ID_VAR=7%3BDELETE%20FROM%20MyCustomerTable
    • | VBA functions - shell() on Access
    • xp_cmdshell in SQL Server
  • Use VAL() on parameters or check for ‘ and | or use <CFQUERYPARAM>

  • Encrypt Variables

  • Checksum URLs

Previous slide Next slide Back to first slide View graphic version


Home | Links | Articles | Past Meetings | Meeting Photos | Site Map
About MDCFUG | Join | Mailing List |Forums | Directions |Suggestions | Quotes | Newbie Tips
TOP

Copyright © 1997-2017, Maryland Cold Fusion User Group. All rights reserved.
< >