Thanks Wil, That suggestion works. However, in an example of a query with 10 columns and assuming you want to allow desc and asc, does anyone have a more conscience way other than 20 cfcase statements?
I thought about just checking for the existence of the semicolon in the sort variable being passed. If it exists, ignore it and default the sort. But...then I'd still be exposing the actual database field name which as you say, is a not desirable. I haven't attempted to use a framework yet. Do these already/automagically account for this? Does anyone else have another way of dealing with this? > I like to use a cfswitch if there are more than two sort columns. > > I pass something like sort=name or sort=date etc in the URL. My table > columns are never this simply named so I don't have any conflicts. > > Then in the cfswitch statement I have something like this > > <cfswitch expression"#url.sort#"> > <cfcase value="name"> > order by table.user_name > <cfcase> > <cfcase value="date"> > order by table.lastlogin_date > <cfcase> > .. > .. > .. > </cfswitch> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| ColdFusion is delivering applications solutions at at top companies around the world in government. Find out how and where now http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:288610 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
