> I think this is how I would go about the new order by stuff . > Instead of switch or if statements. run the query as one of > the methods in a component, then all you need to do is pass > an argumentcollection item over to handle the Order by portion. > > <cfset NewSort = component.method(qOrderField=Val(name)) /> > > <cffunction> > <cfargument name="qOrderField" type="string" default="*"> > <cfquery name="q"> > select * > from > Order By #Argument.qOrderField# > </cfquery> > <cfreturn q> > </cffunction>
How does that prevent SQL injection? Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Get involved in the latest ColdFusion discussions, product development sharing, and articles on the Adobe Labs wiki. http://labs/adobe.com/wiki/index.php/ColdFusion_8 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:288630 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
