executing multiple queries

2005-10-07 Thread wolf2k5
Hi, Is there any way to execute multiple queries with ColdFusion MX 6.1 and Oracle Database 9i R2? The cfquery tag seems to support a single query only ... Thanks. ~| Find out how CFTicket can increase your company's customer

RE: executing multiple queries

2005-10-07 Thread Ian Skinner
Sorry, it's the other way around. Oracle does not support multiple queries in a query string. I fought this for a long time before I found an Oracle blog/tech note/something that indicated you can't do multiple queries. Stored procedures are probably the only way to go I think, but I've not

Re: executing multiple queries

2005-10-07 Thread Bryan Stevenson
Yep...pretty sure with Oracle it's still single query onlybut not in SQL Server ;-) Bryan Stevenson B.Comm. VP Director of E-Commerce Development Electric Edge Systems Group Inc. phone: 250.480.0642 fax: 250.480.1264 cell: 250.920.8830 e-mail: [EMAIL PROTECTED] web:

RE: executing multiple queries

2005-10-07 Thread Russ
[mailto:[EMAIL PROTECTED] Sent: Friday, October 07, 2005 1:36 PM To: CF-Talk Subject: Re: executing multiple queries Yep...pretty sure with Oracle it's still single query onlybut not in SQL Server ;-) Bryan Stevenson B.Comm. VP Director of E-Commerce Development Electric Edge Systems Group Inc

Re: executing multiple queries

2005-10-07 Thread Bryan Stevenson
Meaning SQL server is more vulnerable to SQL injection attacks. Hmm... wonder what this does? cfset url.parameter='1; drop table orders;' cfquery name=qryname datasource=somedsn Select * from items where itemId=#url.parameter# /cfquery How do you figure Russ? No matter what DB you use,

Re: executing multiple queries

2005-10-07 Thread HOFLee _
Hmm... wonder what this does? cfset url.parameter='1; drop table orders;' cfquery name=qryname datasource=somedsn Select * from items where itemId=#url.parameter# /cfquery Makes a dba very unhappy (unless they were smart enough to use cfqueryparam ;-)

RE: executing multiple queries

2005-10-07 Thread Russ
Maybe certain types of sql injection... databases not allowing multiple statements, would just error out on the example I've given... -Original Message- From: Bryan Stevenson [mailto:[EMAIL PROTECTED] Sent: Friday, October 07, 2005 1:55 PM To: CF-Talk Subject: Re: executing multiple

Re: executing multiple queries

2005-10-07 Thread Bryan Stevenson
Maybe certain types of sql injection... databases not allowing multiple statements, would just error out on the example I've given... Fair enoughbut if a developer does't use CFQUERYPARAM then IMHO they deserve a good beating from SQL injection attacks ;-) Bryan Stevenson B.Comm. VP

RE: executing multiple queries

2005-10-07 Thread Robertson-Ravo, Neil (RX)
well, just cause you dont use CFQUERYPARAM doesnt mean you are open to to attack per say. -Original Message- From: Bryan Stevenson To: CF-Talk Sent: 07/10/2005 19:39 Subject: Re: executing multiple queries Maybe certain types of sql injection... databases not allowing multiple

Re: executing multiple queries

2005-10-07 Thread Bryan Stevenson
well, just cause you dont use CFQUERYPARAM doesnt mean you are open to to attack per say. When using URL params in your query (as the example did) you are.but ther are other reasons (like BIND variables and performance) that you should use CFQUERYPARAM Bryan Stevenson B.Comm. VP