https://github.com/mhenke/webapper-coldfusion-sql-injection

find and destroy un <cfqueryparam> queries
# readme

# Purpose

Seek out unparameterized queries in ColdFusion templates and, at the user's option, parameterize them.

## Written by

Daryl Banttari

## Blog Post

http://www.webapper.com/blog/index.php/2008/07/22/coldfusion-sql-injection

## Caveats

This will probably break some queries, especially if you do things like `WHERE date > '#dateFormat(d)# #timeformat(d)#'` or `WHERE NAME LIKE '#searchname#%'`. USE WITH CAUTION! It's best to test the changes before moving them into production. Remove the ".old" files once the site is confirmed as working well.
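One way to find the queries this caveat describes before letting any tool rewrite them. This is an added example, not the project's code: the function names `classify` and `scan`, the labels `ok`/`auto`/`manual`, and the sample template are all assumptions made for illustration.

```python
import re

# Constructed sample template for illustration (not taken from the project).
SAMPLE = """
<cfquery name="q1" datasource="dsn">
  SELECT * FROM users WHERE id = #url.id#
</cfquery>
<cfquery name="q2" datasource="dsn">
  SELECT * FROM users WHERE name LIKE '#searchname#%'
</cfquery>
<cfquery name="q3" datasource="dsn">
  SELECT * FROM log WHERE date > '#dateFormat(d)# #timeFormat(d)#'
</cfquery>
<cfquery name="q4" datasource="dsn">
  SELECT * FROM users
  WHERE id = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">
</cfquery>
"""

QUERY = re.compile(r"<cfquery\b([^>]*)>(.*?)</cfquery>", re.I | re.S)
PARAM = re.compile(r"<cfqueryparam\b[^>]*>", re.I)
NAME = re.compile(r'\bname\s*=\s*"([^"]*)"', re.I)
LITERAL = re.compile(r"'([^']*)'")
EXPR = re.compile(r"#[^#\n]+#")  # one #...# expression; "##" is an escaped "#"

def classify(body):
    """Return 'ok', 'auto' or 'manual' (hypothetical labels) for a query body."""
    body = PARAM.sub("?", body)  # values already bound via <cfqueryparam>
    if not EXPR.search(body):
        return "ok"  # nothing interpolated into the SQL text
    for literal in LITERAL.findall(body):
        # A quoted literal that is more than exactly one #expr# (two
        # expressions, or an expression plus a LIKE wildcard) cannot be
        # swapped one-for-one with a single bound parameter.
        if EXPR.search(literal) and not EXPR.fullmatch(literal.strip()):
            return "manual"
    return "auto"  # lone #expr#, bare or quoted: a mechanical rewrite fits

def scan(cfml):
    """Map each <cfquery> name to its classification."""
    report = {}
    for attrs, body in QUERY.findall(cfml):
        match = NAME.search(attrs)
        report[match.group(1) if match else "?"] = classify(body)
    return report

if __name__ == "__main__":
    for name, verdict in scan(SAMPLE).items():
        print(name, verdict)
```

Queries reported as `manual` are the ones to parameterize by hand, for example by moving the whole concatenated value, wildcard included, into the `value` attribute of a single `<cfqueryparam>`.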

## License

RELEASED TO THE PUBLIC DOMAIN. But feel free to credit Daryl Banttari with original authorship if you release it with modifications.

## Git Workflow for Contributors

This project uses the excellent [Git Workflow series](http://www.silverwareconsulting.com/index.cfm/Git-Workflow) by [Bob Silverberg](https://github.com/bobsilverberg/) for contributions.

## Dealing with line endings

Before contributing, please read this: [http://help.github.com/dealing-with-lineendings/](http://help.github.com/dealing-with-lineendings/)