Matt, I was just teasing Dave. I actually have a lot of respect for Dave for all the information he gives and his ability to put it in a security context.
In regards to your response about the quickest answer because someone didn't RTFM and coming from a security background, I always believe that it is better to give a security focused answer if possible because for too long security hasn't even been a consideration in programming even though it should be one of the first things taught. Also, we also need to consider that RTFM might not be a totally viable option in some situations. I know from trying to look something up last week that I couldn't get to cfquickdocs and cfgloss took over 15 minutes to load before I could search. This also could be a situation where the original poster has access to email but their web browsers are restricted to internal sites only. Not trying to start a fight, just giving another perspective. We've all been there, super short deadline and the mind goes blank. Have a great day! Steve -----Original Message----- From: Matt Quackenbush [mailto:quackfu...@gmail.com] Sent: Monday, August 19, 2013 10:05 AM To: cf-talk Subject: Re: Using IN() within a cfquery statement I take an entirely different viewpoint on Dave's answer. I read the original post and declined to answer because it seemed pretty obvious that ZERO effort was put in place by the questioner to find an answer. My bet is Dave had a similar feeling regarding the effort, but instead of declining to answer gave the quickest and easiest answer that could/would be found by a quick search or perusal of the documentation. Sometimes RTFM *is* the appropriate response. ;-) On Mon, Aug 19, 2013 at 9:50 AM, Mark A Kruger <mkru...@cfwebtools.com>wrote: > > Dave is allowed one weak answer per year... he's waited til August so I say > we give him a break :) > > -Mark > > -----Original Message----- > From: DURETTE, STEVEN J [mailto:sd1...@att.com] > Sent: Monday, August 19, 2013 8:46 AM > To: cf-talk > Subject: RE: Using IN() within a cfquery statement > > > Dave... I'm surprised. Wouldn't you think that CFQueryParam would be the > better way? > > Where stuff in (<cfqueryparam value="#form.stuff#" cfsqltype="appropriate > type" list="yes" separator="," />) > > Steve > > -----Original Message----- > From: Dave Watts [mailto:dwa...@figleaf.com] > Sent: Monday, August 19, 2013 9:42 AM > To: cf-talk > Subject: Re: Using IN() within a cfquery statement > > > > I have a select name="stuff" multiple in a form filled with results from > a > query. > > I get the form field value: stuff=selection1,selection5,selection12. > > > > How do I then build a cfquery using the stuff variable in the IN() > statement? > > Use the quotedValueList function to wrap single quotes around them. > > SELECT ... > FROM ... > WHERE STUFF IN (#quotedValueList(form.stuff)#) > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > http://training.figleaf.com/ > > Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on > GSA Schedule, and provides the highest caliber vendor-authorized > instruction at our training centers, online, or onsite. > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:356490 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
