My reason for using cfqueryparam is because it's (supposedly) faster then just putting the values in-line...
> -----Original Message----- > From: Snake [mailto:[EMAIL PROTECTED] > Sent: Tuesday, February 21, 2006 12:41 PM > To: CF-Talk > Subject: RE: cfsavecontent and cfqueryparam > > You could generate a file with the query in it, and then cfinclude that > file > between the cfquery tags. > But that seems like overkill. > If your reason to use cfqueryparam is to validate the datatypes, you could > achieve the same thing using CFPARAM before passing the values into your > CFSAVECONTENT. > > -- > Snake > > -----Original Message----- > From: Russ [mailto:[EMAIL PROTECTED] > Sent: 21 February 2006 17:02 > To: CF-Talk > Subject: RE: cfsavecontent and cfqueryparam > > There's no way to do something like <cfqueryparam and then do an > evaluate > or something? There must be some workaround... > > > -----Original Message----- > > From: Barney Boisvert [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, February 21, 2006 11:50 AM > > To: CF-Talk > > Subject: Re: cfsavecontent and cfqueryparam > > > > Nope, if you HAVE to put your SQL outside a CFQUERY tag, you have to > > use inline values. Make sure you're very careful about sanitizing any > > such values before using them, or you could be leaving yourself open > > to SQL injection attacks. > > > > And don't forget preserveSingleQuotes() when you dump the generated > > SQL into the CFQUERY tag. > > > > cheers, > > barneyb > > > > On 2/21/06, Russ <[EMAIL PROTECTED]> wrote: > > > I am trying to optimize some queries, and as such, trying to put > > > several > > 1 > > > row insert queries into one. I am trying to use a function to > > > generate > > the > > > sql, and then just loop through each record and generate the sql I > need. > > > The issue I'm running into is that cfqueryparam is not supported > > > outside > > of > > > cfquery. Is there some way to escape it, or am I stuck with putting > > > the > > sql > > > inline with the loop? > > > > > > > > > Here is an example of what I want: > > > > > > <cfsavecontent variable="myqry"> > > > > > > set @userId=<cfqueryparam cfsqltype="cf_sql_integer" > > > value="#userID#"> > > > > > > </cfsavecontent> > > > > > > Russ > > -- > > Barney Boisvert > > [EMAIL PROTECTED] > > 360.319.6145 > > http://www.barneyb.com/ > > > > Got Gmail? I have 100 invites. > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:233014 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
