> > I agree that Trim() should not influence a single quote. Nor should > > HTMLEditFormat(). But both do, even without CFQUERYPARAM.
Please disregard the "even without CFQUERYPARAM" clause in the above statement...that's not true. Can't imagine what in the world I was doing to cause me to come to that conclusion. Totally not true. Erase, erase... >You have to perform all operations on the variable before you use it > in the SQL statement. Not really. I mean, not if you're sending a form variable directly to CFQUERYPARAM for a DB INSERT or UPDATE. Maybe where the confusion comes in is that Trim() and HTMLEditFormat() should be used to *display* information coming from the database, not to manipulate the data before it goes in. CFQUERYPARAM does a great job of getting the database to handle special characters for us, which is exactly the point that Jochem was trying to get across, I'm sure. But then I digressed... :) ~Dina ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4