That's what the "PreserveSingleQuotes()" function was made for - it
should fix you right up.


As an aside you may want to do some research on how you can access
variables in CF - I think it'll save you a lot of effort here.


For example the Form scope can be accessed as a structure using index
notation - and index notation allows the use of variable values.  So
this:


<cfset Value = Evaluate("form.#FieldName#")>


can be written much simpler without the evaluate as this:


<cfset Value = form[FieldName]>


Since the Form scope is a structure you can loop over it as a structure
and output its values like so:


<cfloop collection="#Form#" item="Field">
            <cfoutput>Form.#Field# = #Form[Field]#<br></cfoutput>
</cfloop>


So if you wanted to loop over all the form fields and turn that into
your parameter list this might work (probably not, but I'm not sure how
you're getting your list):


<cfset QueryList = "">
<cfloop collection="#Form#" item="Field">
            <cfif IsNumeric(Form[Field])>
                        <cfset Value = Form[Field]>
            <cfelse>
                        <cfset Value = "'#Form[Field]#'">
            </cfif>
            <cfset QueryList = ListAppend(QueryList, "@#Field# = #Value#")>
</cfloop>


You could probably get rid of the CFIF as well if you use CFQUERYPARAM
instead of building "raw" SQL.  You'll also get a (small) performance
boost and the ability to check datatypes.


I've got a big guide up detailing all of the variable access methods for
CF here:


http://www.depressedpress.com/DepressedPress/Content/ColdFusion/Guides/Variables/Index.cfm


Don't take this the wrong way - what you have will work just fine and
there's nothing wrong with it.  I just thought since you're talking
about creating this as "toolbox" code that you might be interested.


Jim Davis

-----Original Message-----
From: C. Hatton Humphrey [mailto:[EMAIL PROTECTED]
Sent: Monday, November 03, 2003 11:54 PM
To: CF-Talk
Subject: Dynamic query escaping quotes?


Okay, since the search on the archives isn't working and I deleted all
my old messages from the email client, I'll have to post this one again.

I have a query that is being dynamically generated... I'm tired of
building tons of admin pages that are basically a lot of reworked code
so I'm taking some steps to genericise them to the point where I give
the page a list of fields and it will populate the form or build the SP
call for me.

Here's the offending code:
<cfset QueryList="">
<cfloop List="#FormList#" index="CurrentRow" delimiters=";">
<cfset FieldName = ListGetAt(CurrentRow, 2, "~")>
<cfset Value = Evaluate("form.#FieldName#")>
<cfif ListGetAt(CurrentRow, 1, "~") EQ 1>
<cfset Value= "'" & Value & "'">
</cfif>
<cfset QueryList=ListAppend(QueryList, "@#FieldName#=#value#")>
</cfloop>

<cfquery name="qCompanies" datasource="#session.dsn#">
up_set_companies #queryList#
</cfquery>

When I execute the code ColdFusion is messing me up and escaping the
single quotes for me.  That's throwing an error with my SP calls.  Is
there a way around this?

Thanks!
Hatton
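
The CFQUERYPARAM suggestion from the reply, applied to the "flag~fieldname" list from the question, as an added example that is not code from either poster: each value is bound instead of quoted, so PreserveSingleQuotes() is not needed and a value such as O'Brien cannot change the statement. The EXEC prefix, the sample FormList entries and form values, the integer type for unquoted fields, and the field-name pattern are assumptions.

```cfml
<!--- Constructed sample input: "flag~fieldname" entries; flag 1 = string, otherwise numeric --->
<cfset FormList = "1~company_name;0~company_id">
<!--- Constructed values standing in for a submitted form --->
<cfset form.company_name = "O'Brien & Sons">
<cfset form.company_id = "42">

<!--- Field names are still interpolated into the SQL text, so they must come
      from the developer-defined list (never from the keys of the Form scope)
      and match a strict identifier pattern before the query is built. --->
<cfset Params = ArrayNew(1)>
<cfloop list="#FormList#" index="CurrentRow" delimiters=";">
    <cfset FieldName = ListGetAt(CurrentRow, 2, "~")>
    <cfif NOT REFind("^[A-Za-z_][A-Za-z0-9_]*$", FieldName)>
        <cfthrow type="InvalidFieldName" message="Bad field name in FormList">
    </cfif>
    <cfif NOT StructKeyExists(form, FieldName)>
        <cfthrow type="MissingField" message="Form field #FieldName# was not submitted">
    </cfif>
    <cfset Param = StructNew()>
    <cfset Param.name = FieldName>
    <cfif ListGetAt(CurrentRow, 1, "~") EQ 1>
        <cfset Param.sqltype = "CF_SQL_VARCHAR">
    <cfelse>
        <!--- Assumption: unquoted fields are integers; a non-numeric value
              makes CFQUERYPARAM throw before anything reaches the database --->
        <cfset Param.sqltype = "CF_SQL_INTEGER">
    </cfif>
    <cfset ArrayAppend(Params, Param)>
</cfloop>

<cfquery name="qCompanies" datasource="#session.dsn#">
    EXEC up_set_companies
    <cfloop from="1" to="#ArrayLen(Params)#" index="i">
        <cfif i GT 1>,</cfif>
        @#Params[i].name# = <cfqueryparam value="#form[Params[i].name]#"
                                          cfsqltype="#Params[i].sqltype#">
    </cfloop>
</cfquery>
```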
