My hazy memory tells me, if you use any functions on a variable in a
cfquery, it does not escape that string. Trim, iif, listGetAt. etc.
For this reason, I manipulate all the variables before I try to use
them in a cfquery.
Jerry
On 6/2/06, Jim McAtee <[EMAIL PROTECTED]> wrote:
> I'm working in CF5. I thought single quotes within strings were always
> escaped in a cfquery. I have a query using an IIf() in the value and this
> doesn't appear to be the case. Does this have something to do with how
> I'm doing the evaluation of the second argument in the IIf() below?
>
> In this simplification of the query the single quote within the first
> string is escaped, but the second one is not, causing an error.
>
> form.name = "John O'Mara"
> authresponse.http_response = "1|1|1|John O'Mara|approved"
>
> <cfquery datasource="#dsn#">
> INSERT INTO cctransactions (
> name,
> response
> )
> VALUES (
> '#form.name#',
> '#IIf(StructKeyExists(authresponse, "http_response"),
> "authresponse.http_response",
> DE(""))#'
> )
> </cfquery>
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:242163
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4
Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
