Ah thank you! I think it's an issue on our corporate network. Damn proxy
server seems to cough up errors on certain form requests on your site. Very
weird. Also happens on the tag gallery when I try and download anything.

Anyway, thanks!


-----Original Message-----
From: Debbie Dickerson [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, July 31, 2002 8:20 AM
To: CF-Talk
Subject: RE: Bug in MX w/ CFQUERYPARAM?

It doesn't look like it went through, Stacy. I've taken the information and
submitted a bug for it though, so no need to go back and do it again.

Deb


-----Original Message-----
From: Stacy Young [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 30, 2002 5:34 PM
To: CF-Talk
Subject: RE: Bug in MX w/ CFQUERYPARAM?


Well I tried to submit it but got a "Page could not be displayed"...but I
think it went thru.

-----Original Message-----
From: Stacy Young [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, July 30, 2002 5:29 PM
To: CF-Talk
Subject: RE: Bug in MX w/ CFQUERYPARAM?

I had the same problem....but to be honest I didn't know it was the inline
TRIM. Since it was a small personal app I was working on I had just removed
the CFQUERYPARAM. (I just verified and I WAS using TRIM() inside the tag)

I was working with Win2k OS, Built-in Web Server running CFMX final. Single
quotes were added to my input parameters.

Have you submitted this as a bug yet?

Stace



-----Original Message-----
From: Kreig Zimmerman [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, July 30, 2002 4:35 PM
To: CF-Talk
Subject: Bug in MX w/ CFQUERYPARAM?

Hello All,

We upgraded our test server to CFMX this weekend (w/ Apache 1.3.20 WS).

Most all of our queries that accept user input are sanitized before being
inserted in the DB in an Update statement, to wit:

<cfquery datasource="#DB#">
UPDATE
[dbo].[Sizes]
SET
[Jumbo] = <cfqueryparam value="#HTMLEditFormat(Trim(attributes.Jumbo))#"
cfsqltype="CF_SQL_VARCHAR">
WHERE
[SizeID] = <cfqueryparam value="#attributes.sizeuid#"
cfsqltype="CF_SQL_INTEGER">
</cfquery>

This works fine in CF 5. However, after upgrading to CFMX, I find that now
CF is attempting to "Preserve Single Quotes" in the value. Which makes no
sense.

It does this ONLY when I have the HTMLEditFormat() and/or Trim() functions
inline. (I didn't test other string functions, but they're not directly
relevant to my issue either.)

It does this with BOTH SQL Server and ODBC Socket drivers.

If I treat the string beforehand, e.g.
.
joe=HTMLEditFormat(Trim(attributes.Jumbo));
.
SET
[Jumbo] = <cfqueryparam value="#joe#" cfsqltype="CF_SQL_VARCHAR">
.

then MX does NOT attempt to double up single quotes (Preserve Single
Quotes).

Being as this functions differently from CF5 I'm wondering--is this a bug or
a feature? Has anyone else encountered this issue?

Thanks.





