Philip Arnold - ASP wrote: > I think you're confused a little with what CF terms as "escaping" the > single quotes > > It converts all single quote types to their real single quote versions > for SQL (used in WHERE and such), normally it won't always put the > apostrophies in for the INSERT and UPDATE, it's almost a hit-and-miss > thing
There is no difference between what is used for a WHERE and an INSERT or UPDATE. Just imagine: how would nested WHERE's in an INSERT or UPDATE statement work? > This is why my wife suggested using Replace() combines with > PreserveSingleQuotes() as it's the only guaranteed way of getting it > working It is not the only way, and it isn't a guaranteed way unless you rewrite your replace statements for each RDBMS. Each RDBMS uses different escape characters/sequences and delimiters. Use cfqueryparam. Jochem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com
