Thank you, everyone, for the helpful advice. Ultimately, the solution was to escape every single-quote in the code snippet, as was suggested early on. And this should've been easy enough except that I attempted the REPLACE() inside of the query. Doh!
Now, all is good: <cfset Var = "<cfset ID = ''>"> <cfset OneQuote = chr(39)> <cfset TwoQuotes = chr(39) & chr(39)> <cfset Var = Replace(Var,OneQuote,TwoQuotes,'ALL')> <cfquery name="StoreVar" datasource="myDSN"> UPDATE Table SET Field = '#Var#' </cfquery> ps. I'm a bit curious to know if CFQUERYPARAM does the same thing (automagically) but haven't checked it out yet. >>>CFQUERY automatically assumes they are escaped when it saves, and >preservesinglequotes() will escape all your single ticks for you. > >Sorry, but it is exactly the other way: > >CFQUERY automatically escapes single quotes when it saves, and >preservesinglequotes() will prevent CFQUERY from escaping if you need the >SQL code to be passes as is. > >Furthermore, something that many forget: > >1. preservesinglequotes() is NOT a function, it just does nothing when used >outside >a CFQUERY tag. >2. preservesinglequotes() will work only if used at the first level on a >variable, > not inside an expression. >ie: trim(preserveSingleQuote(myVar)) is equivalent to trim(myvar) > >(unless this behaviour changed in CFMX, I never tested since) > >-- > >_______________________________________ >REUSE CODE! Use custom tags; >See http://www.contentbox.com/claude/customtags/tagstore.cfm >(Please send any spam to this address: [EMAIL PROTECTED]) >Thanks. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:242206 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
