DixieGal #1
CFMX7 and dynamic query --Need to maintain single quotes
I have a cfquery select that is built from a search form.
When the form is processed, it builds a searchstring like this:
<cfset searchstring = searchstring & " and dbcolumn1 like '%#form.field1#%'">
<cfset searchstring = searchstring & " and dbcolumn2 like '%#form.field2#%'">
(checking for non-empty form fields when building the search string)
So my searchstring is a str var containing values similar to this:
and dbcolumn1 like '%#form.field1#%' and dbcolumn2 like '%#form.field2#%'
My query is:
<cfquery name='myquery' datasource=....>
select * from table where displayme=1 #searchstring#
</cfquery>
It all seems to resolve well, except at the SQL level, the command gets
converted from single quotes ('%#form.field1#%') to double quotes
("%#form.field2#%").
Using the double quotes hoses up the select and the query isn't evaluated
properly.
Is there an elegant way to maintain the single quotes? I could plug in the
ASCII value for them, but
this doesn't seem to be an issue in CFML5 so I wasn't prepared for it in
this new version...
Please respond here or email me.. I am definitely stuck :)
--
Tami
aka DixieGal
**************************
So it is that the gods do not give all men gifts of grace - neither good
looks nor intelligence nor eloquence...
--Homer, The Odyssey
**************************
DixieGal Guest
-
Mountain Lover #2
Re: CFMX7 and dynamic query --Need to maintain single quotes
PreserveSingleQuotes()
better yet: cfqueryparam
HTH
--
Tim Carley
www.recfusion.com
info@NOSPAMINGrecfusion.com
Mountain Lover Guest
-
DixieGal #3
Re: CFMX7 and dynamic query --Need to maintain single quotes
duh!
I tried cfqueryparam, but the query still got choked
Thanks Tim!
LOL, Tami
"Mountain Lover" <info@NOSPAMrecfusion.com> wrote in message
news:di6i07$ltf$1@forums.macromedia.com...
| PreserveSingleQuotes()
| better yet: cfqueryparam
| HTH
| --
| Tim Carley
| www.recfusion.com
| info@NOSPAMINGrecfusion.com
DixieGal Guest
-
mxstu #4
Re: CFMX7 and dynamic query --Need to maintain singlequotes
Mountain Lover's right. Use cfqueryparam if you can because although
PreserveSingleQuotes() works, it can pose a sql injection risk. Using
cfqueryparam may also increase performance in certain situations.
mxstu Guest
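
What posts #2 and #4 recommend, as an added example that is not part of any post in this thread: cfqueryparam is a tag and cannot be placed in a string built outside the query, so the non-empty-field checks move inside cfquery and each value, wildcards included, is bound as a parameter. The table name `mytable` and the `request.dsn` datasource variable are assumptions; the column and form field names are the placeholders from post #1.

```cfml
<!--- Added example. Assumed names: mytable, request.dsn. --->
<!--- Default the optional search fields so the checks below never hit an undefined variable. --->
<cfparam name="form.field1" default="">
<cfparam name="form.field2" default="">

<!--- Trim once and cap the length before the values reach the query. --->
<cfset term1 = left(trim(form.field1), 50)>
<cfset term2 = left(trim(form.field2), 50)>

<!---
    Risky form discussed in the thread: a WHERE fragment concatenated from
    form input and emitted with #PreserveSingleQuotes(searchstring)#.
    The quotes survive, and so does any quote the user typed.

    Parameterized form: the SQL text is fixed, only the presence of each
    AND clause varies, and the user input travels as a bound value.
--->
<cfquery name="myquery" datasource="#request.dsn#">
    SELECT *
    FROM   mytable
    WHERE  displayme = 1
    <cfif len(term1)>
        AND dbcolumn1 LIKE <cfqueryparam cfsqltype="cf_sql_varchar" value="%#term1#%">
    </cfif>
    <cfif len(term2)>
        AND dbcolumn2 LIKE <cfqueryparam cfsqltype="cf_sql_varchar" value="%#term2#%">
    </cfif>
</cfquery>

<cfoutput>#myquery.recordCount# matching rows</cfoutput>
```

No single quotes are written around the bound values, so there is nothing for ColdFusion to escape. A `%` or `_` typed by the user still acts as a LIKE wildcard inside the bound value.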
-
DixieGal #5
Re: CFMX7 and dynamic query --Need to maintain single quotes
Yep, let me try again. I use cfqueryparam for all my other sql stmts, so
am very familiar with it.... if I have to bang the statement out with
a preservesinglequotes() inside cfqueryparam, I will ...
Thanks guys... too little coffee... and too little brain power today. Must
be all the rain outside :)
Tami
"mxstu" <webforumsuser@macromedia.com> wrote in message
news:di6kv0$q2t$1@forums.macromedia.com...
| Mountain Lover's right. Use cfqueryparam if you can because although
| PreserveSingleQuotes() works, it can pose a sql injection risk. Using
| cfqueryparam may also increase performance in certain situations.
|
DixieGal Guest




