A few months ago, while fixing an issue in very old code, I found that some of the queries did not have cfqueryparam for variables in SQL statements. So I was asked to fix all these queries in the application and wanted to implement cfqueryparam for all parameters. But when I was fixing it I didn't know about QueryParam Scanner, which is very useful. So I thought of sharing it with you chaps.
Installing QueryParam Scanner is really easy: just download the code from http://www.hybridchill.com/projects/downloads.html or from http://qpscanner.riaforge.org/ and unzip its contents to your web root, and you are done. Now you can start scanning your applications for all the missing cfqueryparam tags in cfquery. The UI of QueryParam Scanner is simple and friendly, and it offers various options for the result output format after scanning.
QueryParam Scanner saves time in identifying all the variables in queries that are not used with cfqueryparam, and the credit goes to Peter Boughton for this great tool. I'm sure this will save most of the time we spend testing our applications for the existence of cfqueryparam, and will help team development environments cross-check whether they have used cfqueryparam in their modules.
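To make concrete what "variables in queries that are not used with cfqueryparam" means, here is an added example (not QueryParam Scanner's code, and not from the original post): a simplified regex check that reports `#expression#` interpolations inside cfquery bodies. The function name `find_unparameterized` and the sample CFML are constructed for illustration, and the check assumes the opening cfquery tag contains no `>` inside attribute values.

```python
import re

# Constructed sample input: three cfquery blocks, only the first is unsafe.
SAMPLE_CFML = '''\
<cfquery name="getUser" datasource="#application.dsn#">
    SELECT id, name FROM users
    WHERE id = #url.id# AND status = '#form.status#'
</cfquery>
<cfquery name="getUserSafe" datasource="#application.dsn#">
    SELECT id, name FROM users
    WHERE id = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">
</cfquery>
<cfquery name="getTags" datasource="#application.dsn#">
    SELECT label FROM tags WHERE label LIKE '##%'
</cfquery>
'''

CFQUERY = re.compile(r'<cfquery\b([^>]*)>(.*?)</cfquery>', re.I | re.S)
QUERYPARAM = re.compile(r'<cfqueryparam\b[^>]*>', re.I)
NAME_ATTR = re.compile(r'\bname\s*=\s*"([^"]*)"', re.I)
HASH_EXPR = re.compile(r'#([^#\r\n]+)#')


def find_unparameterized(cfml):
    """Return (query name, expression, line number) for each #expr# in a
    cfquery body that is not wrapped in a cfqueryparam tag."""
    findings = []
    for m in CFQUERY.finditer(cfml):
        attrs, body = m.group(1), m.group(2)
        name = NAME_ATTR.search(attrs)
        name = name.group(1) if name else "(unnamed)"
        # Blank out parameterized values and escaped hashes (##), keeping
        # the text length so offsets still map to the original lines.
        scrubbed = QUERYPARAM.sub(lambda t: " " * len(t.group(0)), body)
        scrubbed = scrubbed.replace("##", "  ")
        for e in HASH_EXPR.finditer(scrubbed):
            line = cfml.count("\n", 0, m.start(2) + e.start()) + 1
            findings.append((name, e.group(1), line))
    return findings


if __name__ == "__main__":
    for name, expr, line in find_unparameterized(SAMPLE_CFML):
        print(f"line {line}: query '{name}' uses #{expr}# without cfqueryparam")
```

Only the body between the tags is inspected, so the `#application.dsn#` in the datasource attribute is not reported.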
There is also an Eclipse plugin available for Eclipse lovers that can be downloaded from here: http://www.hybridchill.com/projects/downloads.html. The Eclipse plugin allows you to scan by right-clicking your project folder and selecting the "Scan with QueryParam Scanner" option in your Eclipse IDE. I have added QueryParam Scanner to my ColdFusion Administrator as a custom extension, which will be handier for developers who are not using Eclipse and makes it easier to launch QueryParam Scanner from ColdFusion Administrator itself. For more on creating ColdFusion Administrator extensions, read Raymond Camden's blog post here: http://www.coldfusionjedi.com/page.cfm/Guide-to-ColdFusion-Administrator-Extensions