SQLi Results: No Errors

It has been interesting to see the results of the recent series of SQL injection attacks. I have been using <cfqueryparam> for all dynamic data for years, so I wasn't worried about the SQL injection. Still, even for sites with <cfqueryparam>, error email messages remain a problem.

Although I have gotten some errors from some sites, none from my newer sites. The reason is that earlier steps I have taken prevent errors from invalid URL variables.

[More]

Comments (Comment Moderation is enabled. Your comment will not appear until approved.)
BlogCFC was created by Raymond Camden. This blog is running version 5.8.001.