Hello, does anyone know how to include mixed (single and double) quotes in a
text value in a SQL query? The standard escape method doesn't seem to work
here. For example (text shown is the literal text we want to use and of
course does not work in it's current form because of the single quote):
Hello, does anyone know how to include mixed (single and
double) quotes in a text value in a SQL query? The standard
escape method doesn't seem to work here. For example (text
shown is the literal text we want to use and of course
does not work in it's current form because of the single
Try running the check string for fieldname through PreserveSingleQuotes()
first.
cfset fieldnamevar = PreserveSingleQuotes(fieldnamevar)
and then
SELECT * FROM TABLE WHERE fieldname='#fieldnamevar#'
At 03:58 PM 2/27/2003 -0800, you wrote:
Hello, does anyone know how to include mixed (single
a.m.
To: CF-Talk
Subject: mixed quotes in SQL statement
Hello, does anyone know how to include mixed (single and double) quotes in a
text value in a SQL query? The standard escape method doesn't seem to work
here. For example (text shown is the literal text we want to use and of
course does
]
To: CF-Talk [EMAIL PROTECTED]
Sent: Thursday, February 27, 2003 4:14 PM
Subject: RE: mixed quotes in SQL statement
What's your standard escape method?
I'd recommend using cfqueryparam.
SELECT * FROM TABLE WHERE fieldname=cfqueryparam
value='ahref=javascript('='10') hot java
5 matches
Mail list logo