With a little side of applesauce...

Thursday, February 25, 2010

Coldfusion / cfquery - quotes in strings

"Escaped single quotes mess up SQL used in the cfquery tag as described in ColdFusion single quote string screwup.

The behavior described in the page above also affects ColdFusion MX 7: When a string variable is put into a cfquery tag any single quotes are changed to TWO single quotes, ( note, not a double quote). This makes creating SQL strings difficult because they do not work inside of the cfquery tag, for example a typical SQL string with should have a single quote around a string value but inside the cfquery tag the string would become:
"

I prefer the built-in PreserveSingleQuotes() function.

http://www.tc.umn.edu/~hause011/article/coldfusion_sql_string.html

No comments: