qpscanner.readme.txt (v0.7.3.1) - files - QueryParam Scanner

file: qpscanner/qpscanner.readme.txt
tag: v0.7.3.1
size: 3 KB
lines: 114
  1-------------------------------------------------------------------------------
  2qpScanner v0.7.3
  3
  4
  5
  6INSTALLATION
  7============
  8	
  9Extract all files to a directory in your webroot, then access in a browser.
 10
 11Everything required is contained within the zip file, and no mappings nor
 12datasources need to be setup. 
 13
 14
 15
 16ECLIPSE PLUGIN INSTALLATION
 17===========================
 18
 19There is an Eclipse plugin available for QueryParam Scanner.
 20
 21To install the plugin, please add the update site to Eclipse:
 22
 23	http://eclipse.hybridchill.com/
 24
 25Please consult the documentation that comes with the Plugin for further 
 26details on the Plugin and how to use it.
 27
 28
 29
 30USAGE
 31=====
 32
 33After launching QueryParam Scanner, you should see a Quick Start form:
 34
 35	Select Config
 36		This allows you to choose between "default" or "paranoid" configs.
 37		The default config should be fine for most people.
 38
 39	Starting Directory
 40		Where you put the location of the project(s) you wish to scan.
 41		This can be either an absolute path or a mapping.
 42	
 43	Recursive
 44		Indicates if you want qpScanner to look inside directories, or remain 
 45		at the current directory level. 
 46
 47
 48Once these are set as appropriate, press Scan and qpScanner will get to work.
 49
 50As it finds queries with CF variables (ie: #values_in_hashes#) that are not 
 51inside a <cfqueryparam/> tag, it will list that file. The positions of the
 52queries are displayed when clicking on a file, and clicking on each of those
 53reveals the actual contents of the query.
 54
 55When complete, it will list how many were found out of how many total queries.
 56
 57
 58
 59NOTE: QueryParam Scanner should be used *only* in your development environment, 
 60not on a live/public box. In addition to the security risks, it might have an 
 61adverse affect on performance.
 62
 63
 64
 65KNOWN ISSUES
 66============
 67
 68This is a development release of QueryParam Scanner, and this list of issues
 69may not be a complete one. Always ensure you have a recent backup of your code.
 70
 71There is one known issue with this version of qpScanner:
 72
 731. Incorrect Line Numbers With Identical Queries
 74If you have a file with multiple identical queries (same name/attributes/SQL),
 75QueryParam Scanner will report line numbers correctly for only the first of 
 76the queries.
 77
 78
 79
 80SUPPORT
 81=======
 82
 83For help or support, please see the project page at Hybridchill:
 84http://www.hybridchill.com/projects/qpscanner.html
 85
 86
 87
 88
 89CREDITS
 90=======
 91
 92QueryParam Scanner is a project created and maintained by Peter Boughton.
 93
 94It makes use of three other open-source projects:
 95- Java Regex Utilities       http://www.hybridchill.com/projects/jre-utils.html
 96- jQuery JavaScript library  http://www.jquery.com
 97- Fusebox Framework          http://www.fuseboxframework.org
 98
 99
100
101
102LICENSING & VERSIONS
103====================
104
105GPL license (see included gpl-license.txt for details)
106- qpScanner v0.7.3
107- jre-utils v0.6.0
108- jQuery v1.2.6
109
110Apache 2 license (see fusebox5/LICENSE.txt for details)
111- Fusebox v5.5.1
112
113
114
115-------------------------------------------------------------------------------