> > Of course a lot of this is academic anyway.  Jochem is correct of 
> > course that much  (perhaps all of this) of this is now handled 
> > (better) with CFQUERYPARAM. The PreserveSingleQuotes() function was 
> > one of the original functions (I believe all the way back to
> > version 1.0).
> 
> > It made sense when it was created but it really only
> > makes sense now if you can't, for some reason, use CFQUERYPARAM.
> 
> erm... I think you got that a little backwards. The purpose of
> PreserveSingleQuotes() is to allow you to pass a sql 
> statement or portion of a sql statement as a variable into a 
> query, i.e.
> 
> <cfset mywhereclause = "mycolumn='something'">
> 
> <cfquery ...>
>       SELECT * FROM mytable
>       WHERE #preservesinglequotes(mywhereclause)#
> </cfquery>

That would be a case where, for some reason, you can't use CFQUERYPARAM.
;^)

But if the statement was:

<cfset mywhereclause = "something">
<cfquery ...>
        SELECT * FROM mytable
        WHERE mycolumn = #preservesinglequotes(mywhereclause)#
</cfquery>
 
(Not a good example, I know) Then you could use:

<cfset mywhereclause = "something">
<cfquery ...>
        SELECT * FROM mytable
        WHERE mycolumn = <CFQUERYPARAM...>
</cfquery>


> As an aside -- I remember that prior to my becoming involved 
> with cf, the syntax for cfquery was
> 
> <cfquery datasource="blah" sql="sql statement here">

Yup - that was true (and best forgotten).  What a PITA.  ;^)

> <cfquery sql="#mysqlstatement#"> in which case the only way 
> to make the statement work if the #mysqlstatement# variable 
> contained something like mycolumn='something' would be to use 
> #preservesinglequotes(mysqlstatement)#.

Exactly - I agree totally.

My point was really that PreserveSingleQuotes used to be needed in all
cases like that.  Really all over the place.  Now, if at all possible
(which it isn't in your example), you should use CFQUERYPARAM and
reserve PreserveSingleQuotes for examples like yours.

Honestly I'm not really sure if there are other classes of examples that
make sense... Of course I don't know SQL as well as you so I may be
missing a lot, but this one seems to be the big one if not the only one.

Jim Davis
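
Added example, not part of the original message: when the dynamic part of a WHERE clause is a set of optional filters, the clause can be assembled inside the query with every value bound through CFQUERYPARAM, so no SQL text travels in a variable and PreserveSingleQuotes() is not involved. The datasource `myDSN`, the `url.*` inputs and the `lastname` and `city` columns are assumptions made for illustration.

```cfml
<!--- Added example. Assumed names: datasource "myDSN", url.lastName, url.city, url.sortBy,
      and the lastname/city columns. mytable and mycolumn are the names used in the thread. --->
<cfparam name="url.lastName" default="O'Brien">
<cfparam name="url.city" default="">
<cfparam name="url.sortBy" default="mycolumn">

<!--- Identifiers (column names) cannot be sent as bound parameters,
      so accept only names from a fixed list and fall back to a default. --->
<cfset allowedSort = "mycolumn,lastname,city">
<cfif NOT listFindNoCase(allowedSort, url.sortBy)>
    <cfset url.sortBy = "mycolumn">
</cfif>

<cfquery name="qRows" datasource="myDSN">
    SELECT * FROM mytable
    WHERE 1 = 1
    <!--- Each optional filter adds fixed SQL text plus one bound value.
          The apostrophe in O'Brien reaches the driver as data, not as SQL. --->
    <cfif len(trim(url.lastName))>
        AND lastname = <cfqueryparam value="#url.lastName#" cfsqltype="cf_sql_varchar" maxlength="50">
    </cfif>
    <cfif len(trim(url.city))>
        AND city = <cfqueryparam value="#url.city#" cfsqltype="cf_sql_varchar" maxlength="50">
    </cfif>
    <!--- Safe to interpolate only because it was checked against allowedSort above. --->
    ORDER BY #url.sortBy#
</cfquery>
```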


