Hi Jason,
There is no need to the cfset the sql string at the start.
Make sure that you always use <cfqueryparam /> as it helps protect from SQL
injection.
<cfquery name="getContent" datasource="indie">
SELECT queryName, title, content
FROM content
WHERE queryName = <cfqueryparam value="#URL.queryName#"
cfsqltype="CF_SQL_VARCHAR" />
</cfquery>
Paul
http://blog.kukiel.net
-----Original Message-----
From: J. Todd Slack-Moehrle [mailto:[email protected]]
Sent: Friday, 9 January 2009 6:43 PM
To: cf-newbie
Subject: CFQuery Syntax
Hi All,
I am reviewing CF and working on a small site to get my skills back up to
par.
Here is what I have:
<CFSET theSQL = "SELECT queryName, title, content FROM content WHERE
queryName = '#URL.queryName#'" >
<cfquery name="getContent" datasource="indie">#theSQL#</cfquery>
<CFOUTPUT>#theSQL#</CFOUTPUT>
I am getting an error about SQL Statement being invalid:
<CFSET theSQL = "SELECT queryName, title, content FROM content WHERE
queryName = '#URL.queryName#'" >
11 :
12 : <cfquery name="getContent" datasource="indie">#theSQL#</cfquery>
13 :
14 : <CFOUTPUT>#theSQL#</CFOUTPUT>
SQLSTATE 42000
SQL SELECT queryName, title, content FROM content WHERE queryName =
''PrivacyPolicy''
VENDORERRORCODE 1064
DATASOURCE indie
Notice that PrivacyPolicy has ³² around it..I am not putting it there. If I
put this statement in a SQL editor and run it it is invalid and it I swithc
to like I think I am doing in the CFSET it works.
What am I doing wrong?
-Jason
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;207172674;29440083;f
Archive:
http://www.houseoffusion.com/groups/cf-newbie/message.cfm/messageid:4279
Subscription: http://www.houseoffusion.com/groups/cf-newbie/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.15
