• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1008
  • Last Modified:

issue with portcullis.cfc(sql injection)

Hi ,

 iam having an issue with portcullis.cfc file i.e.., when i enter (select,delete or update) in the form
i.e in the input box and then when i enter Submit it is replacing the (select,delete or update) with the
[INVALID] but it is submitting to database and entering with [INVALID] can u please tell me how to
stop this. any help would be kindly appreciated
U Can download the opensource file from the link:
http://labs.fusionlink.com/katapult/index.cfm?page=projects/portcullis
0
shariff_pasha
Asked:
shariff_pasha
  • 4
2 Solutions
 
Gurpreet Singh RandhawaWeb DeveloperCommented:
Can U show me Your query how you doing it

0
 
shariff_pashaAuthor Commented:
hi randhawa this is my adduser.cfm and application.cfm files please take a loop in to that and please convert them to .cfm and my problem is whenever a user enters sqlFilter,tagFilter and wordFilter(see portcullis.cfc ) in to the form it converts them to [INVALID] but i want to redirect them to error page whenever a user try to do a sql injection or xss.
adduser.txt
application.txt
0
 
shariff_pashaAuthor Commented:
Hi i solved it myself by just redirecting when the text input has [INVALID].
0
 
shariff_pashaAuthor Commented:
no reply from any experts
0
 
shariff_pashaAuthor Commented:
no reply
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now