qpscanner.readme.txt (v0.7.4) - files - QueryParam Scanner

file: qpscanner/qpscanner.readme.txt
tag: v0.7.4
size: 3 KB
lines: 120
  1-------------------------------------------------------------------------------
  2qpScanner v0.7.4
  3
  4
  5
  6INSTALLATION
  7============
  8	
  9Extract all files to a directory in your webroot, then access in a browser.
 10
 11Everything required is contained within the zip file, and no mappings nor
 12datasources need to be setup. 
 13
 14All versions of qpScanner can run against code written for any CFML engine.
 15
 16However, qpScanner itself, from v0.7.4 onwatds requires a CFML engine that supports nested struct notation.
 17
 18This means Adobe CF8 and earlier are not supported, and must use qpScanner v0.7.3
 19
 20
 21
 22ECLIPSE PLUGIN INSTALLATION
 23===========================
 24
 25There is an Eclipse plugin available for QueryParam Scanner.
 26
 27To install the plugin, please add the update site to Eclipse:
 28
 29	http://eclipse.hybridchill.com/
 30
 31Please consult the documentation that comes with the Plugin for further 
 32details on the Plugin and how to use it.
 33
 34
 35
 36USAGE
 37=====
 38
 39After launching QueryParam Scanner, you should see a Quick Start form:
 40
 41	Select Config
 42		This allows you to choose between "default" or "paranoid" configs.
 43		The default config should be fine for most people.
 44
 45	Starting Directory
 46		Where you put the location of the project(s) you wish to scan.
 47		This can be either an absolute path or a mapping.
 48	
 49	Recursive
 50		Indicates if you want qpScanner to look inside directories, or remain 
 51		at the current directory level. 
 52
 53
 54Once these are set as appropriate, press Scan and qpScanner will get to work.
 55
 56As it finds queries with CF variables (ie: #values_in_hashes#) that are not 
 57inside a <cfqueryparam/> tag, it will list that file. The positions of the
 58queries are displayed when clicking on a file, and clicking on each of those
 59reveals the actual contents of the query.
 60
 61When complete, it will list how many were found out of how many total queries.
 62
 63
 64
 65NOTE: QueryParam Scanner should be used *only* in your development environment, 
 66not on a live/public box. In addition to the security risks, it might have an 
 67adverse affect on performance.
 68
 69
 70
 71KNOWN ISSUES
 72============
 73
 74This is a development release of QueryParam Scanner, and this list of issues
 75may not be a complete one. Always ensure you have a recent backup of your code.
 76
 77There is one known issue with this version of qpScanner:
 78
 791. Incorrect Line Numbers With Identical Queries
 80If you have a file with multiple identical queries (same name/attributes/SQL),
 81QueryParam Scanner will report line numbers correctly for only the first of 
 82the queries.
 83
 84
 85
 86SUPPORT
 87=======
 88
 89For help or support, please see the project page at Hybridchill:
 90http://www.hybridchill.com/projects/qpscanner.html
 91
 92
 93
 94
 95CREDITS
 96=======
 97
 98QueryParam Scanner is a project created and maintained by Peter Boughton.
 99
100It makes use of three other open-source projects:
101- Java Regex Utilities       http://www.hybridchill.com/projects/jre-utils.html
102- jQuery JavaScript library  http://www.jquery.com
103- Fusebox Framework          http://www.fuseboxframework.org
104
105
106
107
108LICENSING & VERSIONS
109====================
110
111GPL license (see included gpl-license.txt for details)
112- qpScanner v0.7.4
113- jre-utils v0.6.0
114- jQuery v1.2.6
115
116Apache 2 license (see fusebox5/LICENSE.txt for details)
117- Fusebox v5.5.1
118
119
120
121-------------------------------------------------------------------------------